AntiVirus for Cars?

[MrLinus]

I wonder if LG fridges can be infected as well?

Source: SC Magazine
Mobile virus infects Lexus cars by David Quainton

Lexus cars may be vulnerable to viruses that infect them via mobile phones. Landcruiser 100 models LX470 and LS430 have been discovered with infected operating systems that transfer within a range of 15 feet.

"If infected mobile devices are scary, just thinking about an infected onboard computer..," said Eugene Kaspersky, head of anti-virus research at Russian firm Kaspersky. "We do know that car manufacturers are integrating existing operating systems into their onboard computers (take the Fiat and Microsoft deal, for instance)."

It is understood the virus could affect the navigation system of the Lexus models, it transfers onto them via a Bluetooth mobile phone connection. It is still unclear whether the cars in question use the Symbian operating system which has recently been under attack from various worms and viruses.

"At this stage it's still early but it just goes to show that technology has consequences," said David Emm, senior technology consultant at Kaspersky. "It's scary stuff."

Vulnerable operating systems are increasingly moving onto a number of different devices. Last year the Slammer worm infected 13,000 Bank of America ATMs as a result of them moving to a Windows-based operating system.

"I've even seen screenshots of major commercial aeroplanes with Windows 2000-based operating systems," said Mikko Hypponen, director of anti-virus research at Finnish firm F-Secure. "Cars are an obvious target for viruses. It's okay if you don't use the operating system for the engine and the brakes, but when you do..."

Bill Gates is a known Lexus driver. In 1999 he auctioned one for charity.

When contacted Lexus declined to comment.

[XTC46]

wow, that is scary. Imagine the impact if a virus were to infect the navigation system on say an amublance or firel rescue vehicle. the thought of people getting lost wouldnt be so bad, but this could casue people there lives. not to mention the havoc it could cause if like the article says, when brakes and engines start being effected. if a car were to brake hard while on a freeway it would almost certainly cause a major acciident. and you know there are people out there who would be making a virus just for this reason.

[jinxy]

Cars are an obvious target for viruses. It's okay if you don't use the operating system for the engine and the brakes, but when you do..."

Any system critical devices such as breaks should be standalone, that can not be accessed by anyone exept an authorised fitter.

Having said that I have witnessed the affects of a computer controlled suspension system, on a car transporter, malfunction. It through the trailor into an uncontrolable oscilation. Resulting in a rolled over lorry with 13 brand new Rover Saloon, looking not so new.

[|3lack|ce]

More and more it becomes possible to actually kill someone with your computer. This is a clear indication that we must redouble our efforts to combat those who would create malicious code, or do such heinous things. Although I'm quite sure that an onboard computer system isn't directly connected to such critical systems as brakes or steering, it's only a matter of time. At the moment I'd be more concerned with someone manipulating the fuel/air mix to the point the vehicle wouldn't run at all - imagine that on an ambulance or fire truck sent out on an emergency call... or a police unit trying to get to a gunfight in progress...

On the other side of the coin - (gasp, dare I actually say it?) - is it possible that we're taking computers a bit TOO far into other areas? Should we really trust crucial systems such as hospital life support systems, national economies, all the way down to our home refrigerators and vehicles to vulnerable systems? Where are the quality of life improvements if our computerized devices are so manipulated?

Give me a '66 Chevy anyday.

[XTC46]

mmmmmmmmm '66 chevy /drool

[Und3ertak3r]

hmmm.. could add new meaning to War-Driving..

[Timmy77]

Forget infecting the car, what about infecting passenger aircraft?

[cacosapo]

is it possible that we're taking computers a bit TOO far into other areas? Should we really trust crucial systems such as hospital life support systems, national economies, all the way down to our home refrigerators and vehicles to vulnerable systems?

its is not the evolution that make them vulnerable.. it is the dumb developers...

you just cant be lazzy when developing automation software.... If you are figuring about cars, picture an Nuclear Power Plant or a Airplane.... or a chemical plant.

A car inst a Intel computer that you will only loose a word file when your favorite O.S. crashers...

If the car systems are being infected, we need only to blame DEVELOPERS!

Perhaps they are using the MS Developing Guide for a Secure Application

[rcgreen]

When I was last working on cars, about 5 years ago, the
systems were still strictly in ROM and not capable of being
infected by rogue or malicious code. You could burn your own
PROMs to change operating parameters, but it wasn't easy.

They are rushing way too fast into more sophisticated features
that can only be supported by a fully functional programmable
computer with vulnerabilities designed in, because of ease and
convenience.

I don't think any of the critical safety features are accessible
though. The cell phone can't talk to the ABS, for example.

[BigDick]

I don't know how to respond to this. In one way I can see that the possible ramifications of viral infection of automobiles, airplanes, etc. But at the same time, I don't feel that blaming the developers is a viable alternative. I guess that inherently they are responsible for their code, but at the same time, M$ doesn't seem to be held responsible when a Windows machine is infected, even if it costs millions of $$$. Although I think accountability would make the industry that much better, I don't see that as possible, because after all, I've read that M$ has like 20,000 developers, it would be really difficult to trace the vulnerable line of code to any one of them. Especially with the millions and millions of line of code in Windows. But the dangers of all of this "advancement" are not lost on me. I think the responsibility should go to those that chose the system that was/is used. With all of the available possibilities it is possible that they could make a better choice that the one that they made, it is also possible that they could make a worse choice. I know I will never buy a fiat if it has Windows in it. I've also heard that the UK's navy is going to start using a Windows based system in their nuclear warships. So the next thing we know there are a bunch of nuclear warships under the control of some hacker in Sri Lanka, who thinks the whole thing is funny as they watch [insert favorite city's name here] disappear into a cloud of smoke and flame. When all of that (hypothetical anyways) could have been prevented with a better choice in OS for the given application.