Testing Out Cell-Phone Viruses on a Prius

← Back to Stories (view on slashdot.org)

Testing Out Cell-Phone Viruses on a Prius

Posted by timothy on Monday May 9, 2005 @11:47AM from the deep-underground-in-their-lair dept.

Mikko Hypponen writes "Couple of months ago there were rumours floating around that Bluetooth viruses could infect the on-board computers of some Lexus cars, or at least cause some visible effects on them. We took a Toyota Prius to an underground bunker and tested various Bluetooth mobile phone viruses and assorted Bluetooth attacks against the onboard computer. Results were somewhat surprising. It came as no surprise that we could not infect the car, but the Prius performed in the test even better than expected. No matter what we did the car did not react to the Bluetooth traffic at all. Cabir tried to send itself to the car and the car just did not allow the Bluetooth OBEX transfer to happen. Then, the whole car crashed (but not because of a virus)... Full story with pictures in our weblog."

37 of 196 comments (clear)

Well, that's good... by ackthpt · 2005-05-09 11:49 · Score: 5, Funny

Apart from the car crashing. Maybe a few less pints of Boddington's next time you head for the bunker, eh?

--

A feeling of having made the same mistake before: Deja Foobar
Still At Risk by fembots · 2005-05-09 11:50 · Score: 5, Funny

The article said "After intensive tests for all morning, the battery of the car was running low".

Does that mean that a similar DOS attack can disable most cars in a car park?

--
Rock that crushes, Paper & Scissors that don't matter.
1. Re:Still At Risk by RevDobbs · 2005-05-09 11:55 · Score: 2, Insightful
  
  Yes. Most cars in park with the key, accessories, and god know what else on -- but the engine not running -- will drain the battery eventually. It's called the "I locked my keys in the car"-DOS.
2. Re:Still At Risk by RevDobbs · 2005-05-09 11:59 · Score: 5, Insightful
  
  It's a very interesting idea to DOS a car.
  
  A much easier to execute Denial-of-Service would be to slash the tires, doncha think? Only takes about 45 seconds to get to all four of 'em, it isn't terribly noisy, and I've never been caught doing it.
  
  I mean, it seems like that detection would be very unlikely.
3. Re:Still At Risk by Vellmont · 2005-05-09 12:00 · Score: 5, Funny
  
  Yes. This DOS attack has been known for quite a long time. It's only recently become known outside the hacker community. Some people even accidentally do it to themselves. Among laymen it's called "leaving your lights on".
  
  --
  AccountKiller
4. Re:Still At Risk by Fishstick · 2005-05-09 12:07 · Score: 2, Interesting
  
  I've always preferred removing the valve stems with a pair of cutting pliers, myself.
  
  Yeah, it makes a nice whistling sound, but that is kinda the attraction too -- somewhere in the parking garage there are four whistles gradually becoming lower, quieter...
  
  The victim walks out, sees four flats with no apparent damage *WTF*
  
  Nothing as serious as having to buy 4x$120 tires, just aggravating to have to have someone come and repair the wheels onsite (esp in a parking garage where clearance will not permit a rollback trailer)
  
  --
  There is much cruelty in the universe, John.
  Yeah, we seem to have the tour map.
5. Re:Still At Risk by promantek · 2005-05-09 12:13 · Score: 2, Funny
  
  I guess the moderators are valley girls who shriek "Oh my gawd" while skipping together arm-in-arm wearing mini-skirts. Clearly, they find your OMFG comments insightful, but only after 90120 has gone on a commercial break.
  
  that's sophistication, my friend.
6. Re:Still At Risk by Samari711 · 2005-05-09 12:44 · Score: 5, Interesting
  
  a better way to do this is to buy a valve tool at the local auto parts store. rather than do any permenant damage just loosen every tire's stem. Even if the owner could figure out why their tires are flat, they most likely won't have the tool on hand to fix it. even if they have a pump, the tires won't inflate and they'll be very confused. Also note that some car (especially those abominations known as Hummers) have tires that automatically inflate themselves, so doing this to one of them would result in a car with 4 flats and a dead battery :)
  
  --
  I never said I was smart, I just said I was smarter than you
7. Re:Still At Risk by kamileon · 2005-05-09 17:11 · Score: 2, Interesting
  
  I've actually watched someone DOS a car... A car alarm was going off every few minutes as trucks drove by during the middle of wedding preparations in a San Francisco park. The sensitivity was cranked way up on the alarm. So the best man walked up to the car and tapped his class ring on the window to set the alarm off, and then kept tapping the window every time the alarm stopped. Drained the battery in about 15-20 minutes, in plenty of time for a peaceful wedding. :) Keep this in mind the next time your neighbor's car alarm goes off at 2 AM. Sure, it takes 20 minutes, but then you get a whole night of blissfully uninterrupted sleep. :)
  
  --
  To truly understand recursion, you must first truly understand recursion.
Only works on the Lexus, not the Prius by WillAffleckUW · 2005-05-09 11:51 · Score: 3, Funny

After all, cell phone virii only attack those who pay way too much for a car, without increased efficiency ...

Hmmm, maybe the Matrix is happening ...

--
-- Tigger warning: This post may contain tiggers! --
Re:Serious Question by winkydink · 2005-05-09 11:51 · Score: 4, Informative

RTFA. It wasn't their car. Toyota lent it to them.

--
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
what a shitty error message by RevDobbs · 2005-05-09 11:52 · Score: 5, Insightful

Granted, the transmission may not be working -- but there should be a diagnostic saying "OMFG Battery Voltage Low" first. If you lost your arms in an industrial accident you don't start by telling the doctor that you have a hard time holding pens...
1. Re:what a shitty error message by SagSaw · 2005-05-09 14:27 · Score: 5, Informative
  
  Granted, the transmission may not be working -- but there should be a diagnostic saying "OMFG Battery Voltage Low" first.
  
  IAAAEE (I am an automotive electrical engieer)...
  
  From an automotive safety standpoint, a malfunctioning park interlock system is pretty close to the top of the list of bad things. The part interlock is the system that prevents the an automatic transmission from shifting out of park unless the vehicle key is in the ignition and there is a second input from the driver (typically by pressing the brake). If the park interlock malfunctions, a simple bump of the shifter (or possibly even the vehicle) might cause the car to shift out of park and begin to roll away. Typically, any failure that disables the function of the park interlock is given the highest severity (Severe injury or death occurs without warning) on any type of DFMEA analysis.
  
  By prominitly displaying a warning on the dashboard, this failure drops down a few notches in severity as there is clear warning that a failure has occured and instructions from how to minimize the risk.
  
  As a result, if the Prius is only capable of displaying one fault condition at a time, a fault with the park interlock system is much more important to display than a low battery voltage. That having been said, some sort of indication of a low battery condition would also be a good idea, perhaps via a trouble light on the dashboard or elsewhere.
  
  --
  Come test your mettle in the world of Alter Aeon!
2. Re:what a shitty error message by slacktide · 2005-05-09 17:33 · Score: 4, Funny
  
  Oh my god! It's a Safety Nightmare! It's also the exactly how every manual transmission car on the road works, and we don't see endless parades of them rolling down the hill, do we?
3. Re:what a shitty error message by Eivind · 2005-05-09 18:46 · Score: 2, Insightful
  
  From an automotive safety standpoint, a malfunctioning park interlock system is pretty close to the top of the list of bad things.
  Agreed. So when it happens, it should probably be displayed, even if that means hiding other, less important error-messages.
  
  However, this also means it *shouldn't* be happening as a result of something common. A low battery-voltage is a pretty common error-scenario. To have something dangerous happen as a result thereof is simply bad design.
  
  If they do keep this bad design, then including the reason in the error-message would also be a good idea:
  
  Warning: The low battery voltage causes the park-interlock system to behave abnormally ....
  
  This would atleast give the driver some idea what is going on.
4. Re:what a shitty error message by Anonymous Coward · 2005-05-09 18:53 · Score: 2, Informative
  
  I saw a brand new BMW 7 series, that had a stereo installed in it by a good friend of mine. somehow the serpentine belt went out on it, which made the alternator not work. which killed the battery. which then made it not start. which made it impossible to even do anything to, because it's ALL electronic, even the parking brake is a button on the dash.
  
  the guy took it to the BMW dealer, they hooked it up to the diagnostic, and said that my friend had fried all the electrical on the system, because it wasn't putting out 14 volts like it should have been. so they towed it over to the stereo shop my friend works at, only to have him look at it, and open the hood (which the BMW mechanics had never even done) to show him the belt had broken. only to have it towed BACK to the bmw dealer to have them replace the belt. there was nothing in thier flow chart of 'how to fix the car' that said 'open the hood', so they didn't.
  
  I fear for people who take thier cars to mechanics in 20 years. I also fear for cars in 20 years. I personally like my 30 year old VW bug, it's simple. easy. and reliable!
  
  I have a feeling simple electrical issues will be creating all kinds of problems in the kind of cars that will be released in the next 10 years.
Apocolypse Now! by WankersRevenge · 2005-05-09 11:54 · Score: 2, Funny

It came as no surprise that we could not infect the car, but the Prius performed in the test even better than expected.

We're all doomed!
In other news... by Bifurcati · 2005-05-09 11:55 · Score: 4, Funny

Two bodies were found dead on the side of the road, apparently flung from a speeding vehicle. Satellite tracking followed the car as it drove itself, without driver, to a house in suburban San Diego. Police arrested 14 year old Neville Splink as he prepared to climb into the drivers seat with a modded Bluetooth enabled Playstation 2 running Linux and a copy of Gran Turismo 4. Neville could not be reached for comment, but sources say he couldn't believe how lucky he was that some idiots deliberately loaded his virus into their car. He had been expecting to have to take over their minds with their mobile phones first.
Police have warned all families with nerdy children to be on the look out for unexplained cars turning up in their garage.

--

Physicist, consultant, science communicator
Virus that pummels users into submission by G4from128k · 2005-05-09 12:00 · Score: 5, Insightful

TFA, further down the page, describes the user experience of a Cabir infection. The recipient must click "yes" a number of times to accept the unknown transmission, install the unknown file, and bypass a security warning about installing something from an unverified supplier. Why do people click "yes" to all this? Because if you click "No" the virus keeps trying to install itself and pester you with the messages.

Definitely reminds me of "Abort/Retry/Fail" error message of so long ago. The first time you ever see the message, you hit "retry" a few times hoping it will work. Eventually, the computer teaches you to never try "retry" because it only puts up the error message again.

This virus is social engineering at its best, just like the whiny kid in the grocery store. Keep pestering until they say "yes."

--
Two wrongs don't make a right, but three lefts do.
1. Re:Virus that pummels users into submission by krbvroc1 · 2005-05-09 12:15 · Score: 2, Interesting
  
  Firefox will do this too. I'll visit a site that says the security certificate is invalid, so I click 'deny'. The another certificate request pops up, ad-infinitum is seems. Since its a modal dialog you can't even close the web browser or close the 'tab' I'm browsing in. I end up either answering yes after examining the cert or kill via the task manager which closes not only that one site, but all all my open tabs.
2. Re:Virus that pummels users into submission by AdamWeeden · 2005-05-09 13:50 · Score: 3, Insightful
  
  This virus is social engineering at its best, just like the whiny kid in the grocery store. Keep pestering until they say "yes."
  
  Except that you can't take the virus to the frozen foods aisle and beat it with a loaf of frozen bread to get it to shut up. :)
  
  --
  I was quoted out of context in my autobiography...
Not Suprising, But still interesting by Xeroc · 2005-05-09 12:01 · Score: 3, Interesting

After all, the cell phones use Symbian OS, and the Prius (and Lexus) both do not use it, so it isn't very suprising that the virus wouldn't work. After all, you don't hear very often that a MS-Windows virus infects a Macintosh.

Also, I liked the apparent security features in the car, that it didn't react to the bluetooth traffic, but then again, this is probably just due to an inconpatiblility - i.e. the car won't except any type of data but a specific type, like a valid VCARD phone book.

--
"Real programmers don't comment their code. If it was hard to write it should be hard to understand."
Re:Serious Question by douglips · 2005-05-09 12:03 · Score: 3, Interesting

You do realize that these people (F-Secure) are virus fighters? They intentionally infect all kinds of things all day long, so they can figure out how to cure them.

--
My amazing wife - Artist, Author, Philosopher - Laurie M
Crazy by XFilesFMDS1013 · 2005-05-09 12:06 · Score: 5, Interesting

Reading the article, they're talking about going undergound in order to not effect any other cellphones in the area, and it stuck me as to how much is the same between a computer virus and a "physical" virus. I mean, scientists who work with e.g. bubonic plague, have to take the same cautions, i.e. not letting the virus out into the "wild", where it can spread. I suppose in a few years, many viruses will be tested like this, taking them into a underground bunker, putting them on a computer that has absolutly no connection to the outside world, and trying to find a cure for it. Then the geeks shall hold the true power.
Rebooting the car... by gambit3 · 2005-05-09 12:11 · Score: 4, Funny

Does anyone else feel disturbed by that statement?

We waited hesistantly a moment, turned ignition off and rebooted the car...

--
Watch the Teaser Trailer for "The Lightning Thief" Her
1. Re:Rebooting the car... by taniwha · 2005-05-09 12:53 · Score: 4, Interesting
  
  well given that the Prius doesn't have a traditional key, just a key-fob that identofies you and an 'on' button it is a lot like rebooting a PC - to be fair they probably didn't push 'reset' (there isn't one) just turned it off then on again
Funny, the same thing happened... by ctl4u · 2005-05-09 12:19 · Score: 5, Funny

With my 1979 Toyota Camry no matter what bluetooth signals I sent there was no response. Needless to say, I was shocked!
KITT by thanjee · 2005-05-09 12:26 · Score: 4, Funny

Did KITT ever get a virus?

If he ever got sick it would have been that he was just sick of having David Hasselhoff hanging around all the time.

--
Saying your OS is the best because more people use it is like saying MacDonalds make the best food
Toyota should expand its business... by guardiangod · 2005-05-09 12:50 · Score: 2, Funny

into the cellphone industry.

They have done the impossible: they created a bluetooth system that no virus in existant can infect.

Microsoft, are you listening?

God I think I will feel much safer knowing that my cellphone (and probably my comp's OS) is made by Toyota.
Non-M$ car by kihjin · 2005-05-09 12:53 · Score: 2, Funny

Obviously this test was not sponsored by Microsoft.

--
This slashdot-related signature is a stub. You can help kihjin by expanding it.
Crashed? by SleepyHappyDoc · 2005-05-09 12:58 · Score: 2, Insightful

Perhaps it's time to find a less ambiguous word to describe a system failure. I'm sure I wasn't the only one whose first glance at the article caught a much different meaning than was intended. Crash works fine in contexts where it doesn't already have a use, but when you refer to cars or planes, it does.

--
Stasis is death. Embrace change.
The item I liked ... by jc42 · 2005-05-09 13:01 · Score: 3, Funny

... was the story from the guy whose cell phone caught the cabir virus, and his phone company's solution was to throw it away and buy a new phone.

Now I'm going to be expecting to hear that Microsoft has adopted this approach (and PHBs are ordering their people to do it) ...

--
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Not terribly meaningful by subStance · 2005-05-09 13:15 · Score: 4, Interesting

I'm no professional scientist, but it was my understanding that in order to prove something was not true, you have to demonstrate why it can never happen, not that it doesn't happen on a single car that you test it on.

There must be hundreds of different versions of the car's software that have varying levels of resilience to the virus.

I can't wait to see the follow up ... "Why Windows never crashes: we tested and it didn't so it never crashes okay ?" No trouble getting funding for that study from Redmond.

--
Servlet v2.4 container in a single 161KB jar file ? Try Winstone
Dumb and dumber... by ArrayIndexOutOfBound · 2005-05-09 13:15 · Score: 4, Funny

This is really good, you guys are killing me.

Trying to infect Prius with a Symbian "virus" is like trying to infect a tree with a choc chip cookie . Hey I can come up with a better one - it's like trying to infect shampoo with a book on eating disorders (now go picture that in your head for a second).

I won't go into debunking this as I have already done that (http://slashdot.org/comments.pl?sid=137390&cid=11 486620).

But this is so sweet - it takes one dumb kid with too much time on their hands and one even dumber kid to moderate at voila! you get slashdot "news".

Don't you love it!
1. Re:Dumb and dumber... by thegrassyknowl · 2005-05-09 14:56 · Score: 4, Insightful
  
  Trying to infect Prius with a Symbian "virus" is like trying to infect a tree with a choc chip cookie . Hey I can come up with a better one - it's like trying to infect shampoo with a book on eating disorders (now go picture that in your head for a second).
  
  A lot of these embedded machines run Java-based software now. If it can run Java it doesn't matter what OS is underneath it. Sure, the JVM and the OS may have differing levels of protection depending on the device, but as I said... Java is the key.
  
  From what I understand (from my limited reading becuase I don't really give a flying fuck... nothing I own has Bluetooth for a very good reason) these cellphone virii rely on the Java compatibility to work.
  
  From the site:
  
  In February we published an official statement from Toyota that Lexus does not use Symbian OS, and thus cannot be infected by any of the Cabir variants.
  
  However a mobile worm infecting a car is a thought that one cannot let go easily, and even as we knew that the car cannot be infected, this was something that just had to be tested for real.
  
  So they already knew it isn't possible to infect the car. That much is clear. Now, Toyota could have lied about the OS it runs, and the car may have been vulnerable. You never know for sure until you try these things.
  
  It was still an interesting experiment because they discovered a few flaws in the Toyota Bluetooth system - the corrupted phone name that froze the display and the flat battery wasn't properly handled by the system.
  
  So, saying this was a stupid experiment is really stupid in itself.
  
  --
  I drink to make other people interesting!
Re:Interesting... by Fizzl · 2005-05-09 15:25 · Score: 2, Insightful

It looked like a decomissioned military underground hangar. We have those here in Finland mined all over the bedrock. (And F-Secure is a Finnish company)

--
Bot Assisted Blogging
Data stream capture by rgcustodio · 2005-05-09 17:45 · Score: 2, Interesting

They should've at least used a Bluetooth packet analyzer and captured the data stream to and from the phone/car. It should be a good read. And a better disection could be performed.