
If they allow over the air updates, even encrypted, there's a big potential risk. Exactly how are the crypto keys generated and protected? An attack on the download signing server, rather than the car, offers an entry point.



From what I've seen, in multiple industries (but not automotive), pretty much anyone serious about signing firmware holds the keys in an HSM.

When you factor the total impact of firmware signing on the product lifecycle, an HSM is a drop in a bucket...



