Originally Posted by conradb
You lost faith in BMW now because some thieves exploited a security vulnerability in some software? You may as well just stop using computers all together if that if your stance.
I'm sorry your car got stolen, but just saying "I've lost faith in BMW" is pretty short-sighted and ignorant. Cars get stolen all the time. Do people blame the mfg that the locking mechanism wasn't thief-proof?
Hint: There's no such thing as fool-proof security. Everything is breakable/hackable. It's the central tenet of security.
Not so fast...
What becomes painfully obvious here, IMHO, is that this specific function (namely pairing a new key to the car) is protected worse than some other "software" functions, like:
- Navigation maps
- Modifying the ECU software
- Navigation functionality in the CIC
- Speech recognition
- VMax un-limiting (M Driver's Package)
All of those are protected using cryptographic functions and are very hard to break (as far as I know, only the first two have been done as of now).
That is how BMW protects things they are interested in, because these features generate revenue - unlike if they protect you car from being stolen, where the opposite is true.
Honi soit qui mal y pense.