Now that the Prius and some other cars are integrating with cell phones
and bluetooth enabled devices, is there a risk?
If there isn't yet, could there be? (Hey, they got your phone, they're
after your car!!)
Urban Leged; Read on:
We did the tests by infecting phones with Cabir variants and
operated the car in all available Bluetooth modes. We wanted to simulate a
situation where someone just walks past the car with a Cabir-infected
phone that has not been paired with the car. Then we recreated a situation
where the phone of the owner of the car is infected and he does Bluetooth
operations with the car.
Jarno inside the car
It came as no surprise that we could not infect the car, but the Prius
performed in the test even better than expected. No matter what we did the
car did not react to the Bluetooth traffic at all. Cabir tried to send
itself to the car and the car just did not allow the Bluetooth OBEX
transfer to happen.
After finishing the tests with infected phones, we tried to transfer a
Cabir-infected SIS file to the car with a special file transfer program
from the phones. In this test the Prius accepted the file transfer to
begin, but then displayed a message stating "Transfer failed". This
message is shown for any data transmitted to a car that is not a valid
VCARD phone book.
While we had the car for testing, we also tried all kinds of other publicly
known Bluetooth attacks on it. Our goal was to find out if the car would
react in any way to known Bluetooth attacks and exploits.
After some tests we got a surprising result: Suddenly all dashboard warning
lights came on. The car went totally dead. Even the door locks didn't open
anymore. The onboard computer displayed a severe warning: "The
transmission lock mechanism is abnormal. Park your car on a flat surface,
and fully apply the hand brake". We waited hesistantly a moment, turned
ignition off and rebooted the car - and everything was back to normal.
We repeated the same test - with the same results. We run it for a
third time - and once again the system crashed. After that we started to
get really worried. This can't be right - Bluetooth can't cause this, can
it? Thoughts of massive product recalls started to float in our minds.
So we started from scratch and double checked everything. Going through the
standard process of elimination by switching all Bluetooth devices off and
waiting for some time, the problem repeated itself. Turns out the cause of
the error was low voltage. After intensive tests for all morning, the
battery of the car was running low! The car computer was going haywire
because of that, and the problem had nothing to do with Bluetooth! But
those were quite tense moments indeed - we almost thought that the
impossible might have happened.
After fixing the battery problem, we continued tests and Toyota Prius performed
admirably. We managed to find one minor issue with the system (a corrupted
phone name would freeze the on-board display), but otherwise the Prius
Bluetooth system was far more stable than our test phones and PCs. We had
to reboot our test systems several times as their Bluetooth systems died
on us, while Toyota Prius just kept going.
All in all, that test was definitely one of the more interesting virus
tests we've done for quite a while.
It's not an urban legend. It's a test where experts tried very hard to
infect the Prius via Bluetooth and could not.
The only problem they had was leaving the ignition on (in ACC, apparently)
all day, running down the 12 volt auxilliary battery. That's hardly a
problem and would have happened without the bluetooth.
An urban legend is the story that that you have to replace the hybrid
battery every 3 years at $,000 for the battery pack.
That can't be an urban legend; the guy with a hook for a hand and black
widow spiders living in his hair told me it was true! 'Course, he was pretty
So true. I hear that almost every time someone stops me to ask about my
Prius. Once again, it seems, ignorance and superstition struggles against
science and technology.
On Tue, 04 Oct 2005 14:39:37 -0500, dbs__usenet wrote:
It's about 10 years, depending on use.