We received a sample of a virus written for the programmable calculator TI-89, produced by Texas Instruments. This calculator runs on the Motorola 68000 processor and has a computing power comparable to the first IBM PCs. It also offers cable connectivity to a PC and to other calculators to exchange programs.

Essentially, this calculator is a small computer that runs programs. One can get a wide variety of games for it–from classic Tetris and Pacman to full-blown chess! There is little security built in so programs have full access to all other programs–just like in the time of DOS for IBM PCs.

Reliable detection of this proof-of-concept virus (we call it TIOS/Tigraa) is easy, even though it attempts to hide by obfuscating the call to the virus body within the infected file. The problem is that there is no AV software yet for calculators, so protection can only be built on a PC. This would not block propagation between calculators should a similar virus ever get into the field. Fortunately, the chances of this happening are rather slim.

This incident would not normally be worth mentioning but it prompts me to emphasize one important point. More and more mobile devices (pocket organizers, smartphones, Internet tablets, calculators, etc.) receive enough computing power and not enough security features to create breeding grounds for malicious code. We urge developers for all mobile devices to make the necessary investment into securing the environment they create. Prevention is always better than a cure!