McAfee looks to combat vehicle viruses

This has me so speechless all I can say is…Read here; McAfee looks to combat vehicle viruses | Cutting Edge - CNET News

On 05/18/2013 09:36 PM, Jonathan R wrote:
>
> This has me so speechless all I can say is…

i guess it means some vehicle makers are using Windows?
is that possible?

are any of them that stupid?

hmmmmm, well i do know the US Navy put some of Bill’s Best in a
combat ship that went “dead in the water” and, as far as i know the
Navy learned THAT lesson (don’t put a game system in work place)
http://en.wikipedia.org/wiki/USS_Yorktown_(CG-48)

GM, Ford and all the others may have to learn the same lesson, the
same way–through failure…just hope it is not your family driving
when the game is tilted.


dd

Yes, some manufacturers (Ford and others) use Microsoft. Yes, they really are that stupid.

it is called ‘sync’ and control everything in the vehicle SYNC | Say the Word | Ford.com

> Yes, some manufacturers (Ford and others) use Microsoft. Yes, they
> really are that stupid.

As I recall the Ford system was widely panned and responsible for a decrease
in Consumer Reports reliability ratings for the afflicted models. FWIW the
international space station was recently infected by a laptop running XPSP3.

Ha, a client of mine has a Ford Escape with MS Sync and he has been back to the dealer a bunch of times to get updates and a couple times he has to pull over to the curb and shut off and re-start the car to get things to work right.
He told me the updates to the Sync system take a couple hours each and he has to leave the vehicle at the dealer for 1/2 day at least.

Are we going to get to a point where we pick a vehicle to purchase based on the potential it has to get a virus?

Interesting question indeed.

I am glad my TV runs on Linux.

>
> international space station was recently infected by a laptop running XPSP3.
sad!

sad because it is SO easy to have a reliable AND secure system.


dd

Well, don’t despair guys. It’s Linux to the rescue.

2014: The year of the Linux car? | ZDNet

Coming To A Car Near You: Linux Goes Automotive, Signs Up Harman, Intel, Toyota, Samsung’s Tizen, More | TechCrunch

Linux Car PC | Timekiller.org

Linux in Cars, or Why Toyota Chose Freedom | Community | LinuxInsider

On Sat, 18 May 2013 21:48:06 +0000, dd wrote:

> i guess it means some vehicle makers are using Windows?

Perhaps, but there are systems that are vulnerable to exploits that are
nowhere near Microsoft. It’s folly to think that Windows is the only
exploitable system.

Exploits talked about at conferences like Defcon range from how to hack
pacemakers (which clearly don’t run Windows) or how to access wireless
remote devices like garage door openers.

“Exploit” doesn’t imply “Windows” when it comes to devices like this.
There are lots of medical devices that allegedly do not have adequate
security around them because nobody conceived the idea that they needed
encryption in them.

I can hack my car with a special cable and an Android phone. Some people
do this now rather than “hacking” their car through mechanical means.

It’s a pretty large area of debate here in the US in some areas, because
the device manufacturers want to have patents enforced to prevent people
from “hacking” their cars and other devices they’ve purchased. It’s not
just phones.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-05-20 18:46, anika200 wrote:
>
> Ha, a client of mine has a Ford Escape with MS Sync and he has been back
> to the dealer a bunch of times to get updates and a couple times he has
> to pull over to the curb and shut off and re-start the car to get things
> to work right.

He :slight_smile:

I don’t have anything like that in my car, but I do have a “Parrot”
device, which connects to my cellular phone via bluetooth, so that I can
take phone calls hands free - this is mandatory in Spain, you can not
hold the phone on your hands while driving.

Well, I replaced my cell the other day. It took me half an hour to get
it recognized - and each attempt means starting the engine, and
stopping/restarting it to reboot the Parrot, wasting gas for half an
hour (parked) to get it done.

This is not software handling the brakes, but still… software in
vehicles is a tricky thing.

> He told me the updates to the Sync system take a couple hours each and
> he has to leave the vehicle at the dealer for 1/2 day at least.

:frowning:


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

On 2013-05-20 19:46, hcvv wrote:
>
> anika200;2558636 Wrote:
>> Are we going to get to a point where we pick a vehicle to purchase based
>> on the potential it has to get a virus?
> Interesting question indeed.
>
> I am glad my TV runs on Linux.

Mine does run on Linux - and it hangs, now and then.

It is a Siemens Gigaset M740AV receiver/recorder (digital terrestrial
tv), several years old by now. The thing is that the code that controls
the tuner/decoder is proprietary, and it hangs now and then, or has
problems. Hackers have made firmware updates that add lots of wonderful
new features, like a web server to control the device from the computer,
with lots of new features, all in Linux (the original manufacturer code
was also Linux).

But the binary blob that handles the tuner can not be touched… :-/

And of course, as the years pass, new models are sold, the hacker
community that made flash updates start to diminish, and then there are
no more updates to your model.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

On 2013-05-20 19:50, dd wrote:
>>
>> international space station was recently infected by a laptop running
>> XPSP3.
> sad!
>
> sad because it is SO easy to have a reliable AND secure system.

AFAIK, those laptops do not control any “life and death” systems. It can
be simply the laptop that the astronaut uses to send emails home (or
“job” email), not a crucial thing. I’m not sure if I read years ago
about some Russian astronaut using a Linux laptop. I read that the NASA
thought about using Linux.

The shuttle had 3 custom made control computers, IIRC. At least 2 had to
agree. They did not run anything like Windows, that’s for sure. And I
have the vague feeling of reading that these particular computers been
too old to maintain has to do with the decommissioning of the shuttles
(maybe they used 8086 processors or similar). I’m sure someone could
find a reliable source telling the story.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

On 2013-05-20 21:39, Jim Henderson wrote:
> On Sat, 18 May 2013 21:48:06 +0000, dd wrote:

> Exploits talked about at conferences like Defcon range from how to hack
> pacemakers (which clearly don’t run Windows) or how to access wireless
> remote devices like garage door openers.

Yes, that’s true. The designers of many control devices never thought
about security that kind of security. I have programmed some of those
things, and our machines did not have network capacity, and of course,
not any antivirus. Anyone with a floppy or a CD could do untold damage,
anyway. Our concerns were controlling the hardware and machines (motors,
actuators, etc) safely, but not for someone actively wanting to do damage.

But more complex setups are networked. Not only PCs and ethernet, but
things like PLCs with dedicated buses, which can be connected to a
computer for data collection or parameter modification or even
reprogramming; this PC to a local network - and there you have the
problem. Ideally, the local control network is isolated, but you may
want to copy stats and data to an usb stick… and the stick can have a
virus. This is the kind of setup targeted by the “stuxnet” malware.

> “Exploit” doesn’t imply “Windows” when it comes to devices like this.
> There are lots of medical devices that allegedly do not have adequate
> security around them because nobody conceived the idea that they needed
> encryption in them.

Absolutely.

The doctor wants to read data from the pacemaker, maybe change
parameters without opening up the person, but… what if a hacker tries?

> I can hack my car with a special cable and an Android phone. Some people
> do this now rather than “hacking” their car through mechanical means.

Right…

> It’s a pretty large area of debate here in the US in some areas, because
> the device manufacturers want to have patents enforced to prevent people
> from “hacking” their cars and other devices they’ve purchased. It’s not
> just phones.

I can imagine.

On one side dangers. Or simply the difficulty of maintaining a “machine”
that has been modified by the user. On the other hand, the right of
owners to modify what they buy and own.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

Eroorr!! your voice is too coarse LOL . on other hand. why restart car ? doesn’t parrot have an off button?

On 2013-05-21 04:46, vazhavandan wrote:

>
> Eroorr!! your voice is too coarse LOL . on other hand. why restart car
> ? doesn’t parrot have an off button?

Nope! X’-}

At least mine doesn’t. It was installed by the dealer, and it goes with
the ignition. The car is new, and I don’t know if turning the ignition
key but not actually starting the car has undesired results.

For example, in old times, doing so in a gasoline car, when the points
were closed meant that a continuous current would pass through the coil,
heat it, and perhaps burn it. On diesel cars instead a heater turns on
to heat the fuel injector. Both things are supposed to turn off
automatically later, but do they work?

This car surely has some type of computerized control, but I don’t know
what it does and what not, for sure. The injector heater is expensive to
replace, it is cheaper to burn gas for a while.

Re the Parrot - the “buttons” for controlling it are on a remote gadget,
with battery inside, glued to the dashboard. It connects via wireless to
the central unit somewhere, and it works only when it feels like it.

This is because Opel does not ship all models with an integrated
phone-hands-free device (shame on them). The dealer in my city includes
a Parrot extra free of charge on those cheaper cars, but it is an
addition, not so nicely done as a factory gadget :wink:

Which reminds me… they sent me a nice letter to respond a poll. I have
to do it. Maybe there are questions about the Parrot! :-p


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

I installed one of these, works well on viruses.

http://www.youtube.com/watch?v=Ee3L9BQQ4Gs

That was really funny.

They’re learning.

International Space Station making laptop migration from Windows XP to Debian 6