For years I've been suggesting the possibility of a Prius virus - that spreads over bluetooth between Priuses when they pass eachother on the road. Finally a serious look at the issue. You should expect that various entry points in the automotive environment are no more secure in the automotive environment than they are in your PC,” Mr. Savage said.
A couple key excerpts from the paper: We created a “Self-Destruct” demo in which a 60-second count-down is displayed on the Driver
Information Center (the dash), accompanied by clicks at an increasing rate and horn honks in the last few seconds. In our demo, this sequence culminated with killing the engine and activating the door lock relay (preventing the occupant from using the electronic door unlock button). This demo, which we tested on both cars, required fewer than 200 lines of code added to CAR SHARK, most of them for timing the clicking and the count-down.
In our car we identified no fewer than five kinds of digital radio interfaces accepting outside input, some over only a short range and others over indefinite distance. While outside the scope of this paper, we wish to be clear that vulnerabilities in such services are not purely theoretical. We have developed the ability to remotely compromise key ECUs in our car via externally-facing vulnerabilities, amplify the impact of these remote compromises using the results in this paper, and ultimately monitor and control our car remotely over the Internet.
| 
