
If the firmware is SECURITY CRITICAL then the only way to change it can be through physical presence, loading encrypted and signed firmware

Physical access? So, hypothetically another car gets hacked, but this time there is no middleman in position to implement a mitigation like Sprint was in this case. How do you suggest a firmware rollout happens? Recalls? Mailing thumbdrives to end users?

Over the last week I've seen the infosec community warmer to the idea of OTA updates and all that baggage that entails compared to the alternative ways to update car firmware. You're posting pretty authoritatively though, if you've got some analysis that the rest of us don't, I'd love to hear it.




The basic idea is that this wouldn't have happened in the first place if it required physical access.


And if it was a buffer overflow that led to an arbitrary RCE instead of a firmware-overwrite, and the fix was to upgrade the code to fix the buffer overflow?


What buffer overflow? Obviously the firmware is formally proven correct and proven not to include any of those?

(I'm half joking here - I suspect that's not the case and won't be the case for the foreseeable future, but I'd be happy to learn I'm wrong here)



