|
Tests debunk viruses-in-cars myth
-
Submitted by Marie Clark for F-Secure
May 12,
2005 -- (MobileVillage) -- A couple of months ago there were
rumors floating around that Bluetooth viruses could infect
the on-board computers of some Lexus cars, or at least cause
some visible effects on them.
In February
we [F-Secure] published an official statement from Toyota
that Lexus does not use Symbian OS, and thus cannot be infected
by any of the Cabir variants.
However
a mobile worm infecting a car is a thought that one cannot
let go easily, and even as we knew that the car cannot be
infected, this was something that just had to be tested for
real.
So we
got a Toyota Prius to test out the myth. Credit has to be
given to Toyota for trusting their systems enough to actually
lend the car for us for such testing. According to Toyota,
this Prius model had identical in-car Bluetooth systems with
the Lexus models, so it was suitable for our tests. This Bluetooth
functionality is intended to, for example, transfer the phone
book from the car owner’s mobile phone to the built-in
phone of car.
After
getting the car we drove it to a safe testing location: an
underground base 42 meters (140 feet) below sea level - for
some in-depth testing. Before starting any testing with live
viruses we obviously made sure there were no third party phones
in the area which otherwise could have been at risk.
In the
tests we used the Cabir.B and Cabir.H viruses: Cabir.B being
the most widespread variant and responsible for most of the
Cabir sightings in-the-wild, and Cabir.H as it has a different
and more powerful spreading algorithm.
We did
the tests by infecting phones with Cabir variants and operated
the car in all available Bluetooth modes. We wanted to simulate
a situation where someone just walks past the car with a Cabir-infected
phone that has not been paired with the car. Then we recreated
a situation where the phone of the owner of the car is infected
and he does Bluetooth operations with the car.
 |
It
came as no surprise that we could not infect the car,
but the Prius performed better than expected. Cabir tried
to send itself and the car just did not allow the Bluetooth
OBEX transfer. |
After
finishing the tests with infected phones, we tried to transfer
a Cabir-infected SIS file to the car with a special file transfer
program from the phones. In this test the Prius accepted the
file transfer to begin, but then displayed a message stating
"Transfer failed". This message is shown for any
data transmitted to a car that is not a valid VCARD phone
book.
While we
had the car for testing, we also tried all kinds of other publicly
known Bluetooth attacks on it. Our goal was to find out if the
car would react in any way to known Bluetooth attacks and exploits.
After
some tests we got a surprising result: Suddenly all of the
dashboard warning lights came on. The car went totally dead.
Even the door locks didn't open. The onboard computer displayed
a severe warning: "The transmission lock mechanism is
abnormal. Park your car on a flat surface, and fully apply
the hand brake". We waited hesitantly a moment, turned
ignition off and rebooted the car - and everything was back
to normal. Weird.
We repeated
the same test - with the same results. We run it for a third
time - and once again the system crashed. After that we started
to get really worried. This can't be right - Bluetooth can't
cause this, can it? Thoughts of massive product recalls started
to float in our minds.
So we
started from scratch and double checked everything. Going
through the standard process of elimination by switching all
Bluetooth devices off and waiting for some time, the problem
repeated itself. It turns out the cause of the error was low
voltage. After intensive tests for all morning, the battery
of the car was running low! The car computer was going haywire
because of that, and the problem had nothing to do with Bluetooth!
But those were quite tense moments indeed - we almost thought
that the impossible might have happened.
After
fixing the battery problem, we continued tests and Toyota
Prius performed admirably. We managed to find one minor issue
with the system (a corrupted phone name would freeze the on-board
display), but otherwise the Prius Bluetooth system was far
more stable than our test phones and PCs. We had to reboot
our test systems several times as their Bluetooth systems
died on us, while Toyota Prius just kept going.
All in
all, that test was definitely one of the more interesting
virus tests we've done for quite a while.
Recent
Related Stories:
Bluetooth
to evolve via UWB
(The Register)
Vital
Engineering's Bluetooth transmitter relays auto diagnostic
data
(engadget)
More
mobile phone worms appear
Report:
Handheld device security could cost more than the device
Back
to MobileVillage News Page
|
Daily
News for
