
BMW are sending their software updates unencrypted - choult
https://shkspr.mobi/blog/2016/02/bmw-are-sending-their-software-updates-unencrypted/
======
Piskvorrr
Not as alarming as it might look at first glance: data is unencrypted but
apparently signed.

This is essentially the same way that most Linux distros update: the data is
not protected in transit (although with modern SSL being cheap both on servers
and money, it ought to be), but integrity is preserved (assuming a trusted key
distribution channel plus assuming the signatures are checked before install,
and an update would only install with a valid signature).

~~~
mtgx
Does anyone actually believe that key wasn't already stolen by the NSA, or
even the Russian spy agency, though?

~~~
Piskvorrr
If it was, it doesn't matter whether the update goes over HTTPS or not: if
Mallory The Evil Empire has Alice The Carmaker's secret key, neither Bob The
Driver nor Charlie The Car have a way of telling them apart.

In other words, if a malicious payload is signed with Alice's legitimate key,
transit security is irrelevant: you're getting a malicious payload anyway.
Proving that the private key is only in the hands of legitimate user is hard,
and proving it's being _used_ legitimately borders on the impossible
(scenario: Alice signs a malicious update while Mallory holds a gun to her
head; how do you find out from the signature? I don't think this signature
scheme has duress codes). The only thing you can do is revoke the key - but
how do you distribute the revocation to the vehicles?

However, this still prevents J. Random Crook from walking by your car with a
USB stick and an unsigned malicious update (or serving you an unsigned
malicious update while you're downloading it via his MITMed connection).

