Total Members: 14197
Posted by: Amker
« on: 02. June 2007., 19:49:57 »We received a sample of a virus written for a programmable calculator TI89 produced by “Texas Instruments”. This calculator runs on Motorola 68000 processor and has a computing power comparable to the first IBM PCs. It also offers cable connectivity to a PC and to other calculators to exchange programs.
Essentially, this calculator is a small computer that runs programs. One can get a wide variety of games for it - from classic Tetris and Pacman to full-blown chess! There is little security built in so programs have full access to all other programs - just like in the time of DOS for IBM PCs.
Reliable detection of this proof-of-concept virus (we call it TIOS/Tigraa) is easy, even though it attempts to hide by obfuscating the call to the virus body within the infected file. The problem is that there is no AV software yet for calculators so protection can only be built on a PC. This would not block propagation between calculators should similar virus ever gets into the field. Fortunately, the chances of this happening are rather slim.
This incident would not be worth mentioning but it prompts me to emphasize one important point. More and more mobile devices (pocket organizers, smartphones, Internet tablets, calculators, etc.) receive enough computing power and not enough security features to create breeding ground for malicious code. We urge developers for all mobile devices to make necessary investment into securing the environment they create. Prevention is always better then a cure!
Essentially, this calculator is a small computer that runs programs. One can get a wide variety of games for it - from classic Tetris and Pacman to full-blown chess! There is little security built in so programs have full access to all other programs - just like in the time of DOS for IBM PCs.
Reliable detection of this proof-of-concept virus (we call it TIOS/Tigraa) is easy, even though it attempts to hide by obfuscating the call to the virus body within the infected file. The problem is that there is no AV software yet for calculators so protection can only be built on a PC. This would not block propagation between calculators should similar virus ever gets into the field. Fortunately, the chances of this happening are rather slim.
This incident would not be worth mentioning but it prompts me to emphasize one important point. More and more mobile devices (pocket organizers, smartphones, Internet tablets, calculators, etc.) receive enough computing power and not enough security features to create breeding ground for malicious code. We urge developers for all mobile devices to make necessary investment into securing the environment they create. Prevention is always better then a cure!