BlackBerry Working With Automakers On Antivirus Tool For Your Car (reuters.com) 45
An anonymous reader quotes a report from Reuters: BlackBerry is working with at least two automakers to develop a security service that would remotely scan vehicles for computer viruses and tell drivers to pull over if they were in critical danger, according to a financial analyst. The service, which would also be able to install security patches to an idle car, is being tested by luxury automakers Aston Martin and Range Rover. The service could be launched as early as next year, generating about $10 a month per vehicle for BlackBerry, according to Papageorgiou, who has followed BlackBerry for more than 15 years. Vehicles increasingly rely on dozens of computers that connect to each other as well as the internet, mobile networks and Bluetooth communications systems that make them vulnerable to remote hacks.
Re: (Score:2)
Re: (Score:1)
who the F*CK is going to pay more than $10/month (as somebody else is getting a cut as well) just for antivirus protection for your car?
That's insane (Score:2)
If your car needs an antivirus tool, it is not safe.
Re:That's insane (Score:5, Insightful)
While you are undoubtedly correct, given how many times it has been demonstrated that cars are not currently secure, the fact is, cars do need this. The alterative is not between cars needing this and cars not needing this. The alternative is between cars need this and having it and cars needing this and not having it.
Re: (Score:1)
It only creates another vector of attack.
Re: (Score:2)
"The service, which would also be able to install security patches to an idle car"
Right. And that will never be exploited.
Re:That's insane (Score:4, Insightful)
While you are undoubtedly correct, given how many times it has been demonstrated that cars are not currently secure, the fact is, cars do need this.
You make automobiles safe by not making them accessible, not by turning them into cum dumpsters for every malware writer who want to send you over a cliff for the LuLz.
There is no such thing as an internet secure device, even try to mname one, and it will be cracked in no time. If software can be made, allowing others access to it means they can compromise it.
Now educate me how I am wrong, and we are not just introducing another Internet of things disaster, only with people ending up dead.
The alterative is not between cars needing this and cars not needing this. The alternative is between cars need this and having it and cars needing this and not having it.
Isn't it just freaking amazing that we have had road travelling vehicles for over a hundred years, and now it is mandatory that we open the gates for the visigoths to come in and play with them?
Technology can be awesome, But stupid technology is always stupid.
Re: (Score:1)
Aren't the Visigoths on our side now?
Re: (Score:3)
Re: (Score:2)
Agreed 100%.
Here's a suggestion: Make it the responsibility of the car maker to build a car that is safe from external hacking. Then, if some car gets hacked and someone gets hurt, then the car maker has to pay. Simply say "If your car is hackable, then it is NOT 'fit for purpose' so you can't sell it, and we're not going to let you EULA your way out of responsibility."
VERY quickly you will see "features" like Bluetooth connectivity, Internet access and every other vulnerable, useless farkle disappear. Car
Re: (Score:2)
The USA did this back in the 1960s with Ralph Nader and his efforts to hold the car makers accountable for building unsafe cars, so they can do it again.
The second iteration of "unsafe at any speed"!
If a automobile can be disabled or caused to do things that are unsafe to the occupants, it is no less a problem than if the brakes stop working because of a mechanical problem. And if it is an inherent problem that can cause many vehicles to have the same problem - and let's face it, auto malware can potentially cause all vehicles to have the same problem, then there is case history that the manufacturer is liable.
Re: (Score:3)
While you are undoubtedly correct, given how many times it has been demonstrated that cars are not currently secure, the fact is, cars do need this.
What makes software safety different from other considerations?
People wouldn't accept passenger cars filled with active fire suppression systems to work around defects that would otherwise cause a vehicle to spontaneously burst into flames.
They wouldn't accept a braking system that sometimes didn't work properly resulting in driver education campaigns to fill in safety gaps.
Why on earth should anyone accept a vehicle inherently unsafe to remote cyber attack? Because it's software?
The alterative is not between cars needing this and cars not needing this.
The alternative is between
Re:That's insane (Score:4, Insightful)
They need this, huh?
I can only pray antivirus on a car works better than antivirus on... anything else.
You gotta be shitting me... (Score:2)
Youtube has massive examples of this and it's more the blame of the Car Manufacturers than anything else for shitty programming.
Re: (Score:2)
The service, which would also be able to install security patches to an idle car . . .
So, you're complaining that automakers need to keep firmware more up to date in an article about a service what will keep firmware more up to date?
Get a grip, dude. You're not CNN and this isn't Facebook.
Hush (Score:2)
Hush, you're not seeing the advantage of this situation. People who have trouble operating a toaster will finally be stripped of their license to pilot a large, fast deathmobile (said innerworkings they understand possibly less of than their home PC). They'll need to get an A+ certification just to drive during daylight hours.
What this means is: in five years, only techs will be driving vehicles; everyone else will be on bikes.
Re: (Score:2)
If your vehicle's firmware needs updates - let alone frequent ones - you've already lost. If your car allows remote access to anything - you're already teetering on the edge (I can't stand remote start for instance, ad key fobs are nice but they are a risk.)
This culture of "eh, just release it - we can issue a patch later" is toxic.
You want to know the historic term for having to repair something on a car after it was sold: recall. Just replace the word "software patch" with "recall" in your mind from now
Re: (Score:1)
My thoughts precisely
'Today at the Consumer Electronics Show in Las Vegas, we announced the Microsoft Connected Vehicle Platform [microsoft.com], a set of services built on the Microsoft Azure cloud'.
A virus scanner with a back door for the police (Score:2)
http://www.cantechletter.com/2... [cantechletter.com]
http://www.michaelgeist.ca/200... [michaelgeist.ca]
Re: (Score:2)
If the car has Bluetooth, there's already a back door for police.
Comment removed (Score:3)
Re: (Score:2)
Until then, I'll gladly stay with my 90s funcar.
You're going to end up in a head on collision with someone who's modern car was hacked. He will survive. You won't. Staying with "old" to avoid "feature" in the automobile world in terms of safety is exactly the wrong thing to do.
Re: (Score:2)
Re: (Score:2)
very remote
Given driving is the single most risky task a given person does during the course of their day I don't think you understand what "very remote" actually means.
as if Range Rover couldn't get any worse (Score:2)
Lemon Law (Score:2)
If my car is susceptible to a virus in the first year via hardware OR software, I will be invoking the lemon law and getting anew car. A car is not a computer and had better be safe and secure while I am on the road. Adding software to a car should bring software UP to the level of safety and security of a car, not lower the car to the level of safety and security of barely tested and uncertified crapware.
A boon for car-jackers (Score:3)
"You are experiencing a car accident" (Score:3)
So you decided to connect cars and shit to the Internet and results have been gloomy and unpleasant? Facing multi-million dollar lawsuits, bad PR and expenditures related to massive recall campaigns?
Don't sweat choosing between dangerous and irresponsible use of technology and juicy perpetual cyber stalking related profits.
Path to success is paved by doubling down on "defense in depth" shell games in a bid to prevent sufficient number of critically injured whiners and crying babies from coming to the otherwise obvious conclusion.
Virus scanners in particular are a fabulous choice:
- Positive public perception
- Subscription fees (or else) show you care
- Stunning record against unknown and targeted threats
- Marvelous record of scanners leveraged as vectors to compromise otherwise secure systems.
just wait the big roaming bill the car picks a non (Score:2)
just wait the big roaming bill the car picks a non us cell tower and you get hit with the $15-$20 a meg data roaming bill.
Oh, great - bloatware. (Score:2)
Will this antivirus follow the route taken by the IT security products industry?
Start off small with a single tool for a single purpose, then grow bloated with "features", until the computer can't even get to a functioning desktop until you've had 2 or 3 cups of coffee and a danish?
Imagine turning your key or pressing the "start" button, and having to wait 10 minutes before you can drive off, and then the car gets slower and slower over the months as more and more features are added.
McAffee (Score:2)
They should get John McAffee [youtube.com] to work on an antivirus tool for our cars.
the Microsoft Connected Vehicle Platform (Score:1)
If it works well enough, I'm for it (Score:2)
Only a moron... (Score:3, Insightful)
If the gps/navigation system of the entertainment system get hacked, one should be ably to just turn them off.