>the tire sensors only send a message every 60-90 seconds, giving attackers little opportunity to compromise systems or cause any real damage.
I fail to see how the normal rate of the system at all implies what rate can be achieved if attempting to hack the system. Unless it's peak receiving rate is 0.5 baud.
The worst thing about this security flaw is that cars don't really have a good update system for their OS. You have to take your car in to a dealership to get the ECU software updated.
If cars were designed so you could plug in an Ethernet cable to update the firmware, then patches for security flaws like this would be easier to distribute. With cars becoming more and more computerized we might reach that point some day.
I am not sure, if user service updates are a good idea. This would open a path to other risks. Anyway, I agree, there is currently no good solution for updates.
Other risks sure, but other benefits as well. Modern ECUs are pretty flexible and can be reflashed through the ODB-II port with extended functionality. cf. EMCS: http://www.goapr.com/products/ecu_upgrade_s4.html
Something I use, along a similar line: www.evoscan.com
Don't mind the wall of text website: I think it appeals to the revheads or something. The software is really quite clever (it can monitor and display variables from the ecu, along with allowing you to tinker with the software).
I've once seen something on TV (iirc Discovery Channel or so) about certain government agencies using this together with certain antenna's to be able to track vehicles on the freeway.. so this is not completely new when it comes to the tracking bit..
I fail to see how the normal rate of the system at all implies what rate can be achieved if attempting to hack the system. Unless it's peak receiving rate is 0.5 baud.