[Cryptography] Security vulnerabilities in BMW's ConnectedDrive

[Jerry Leichter]

On Feb 9, 2015, at 7:25 PM, Tom Mitchell <mitch at niftyegg.com> wrote:
> I am also curious if [BMW] painted themselves into a corner where physical hardware needs replacing?
Auto makers have a long history of having to replace hardware in order to resolve problems with cars they've sold - including cars they sold many years ago.  (Look at the rolling disaster of the airbags in millions of cars for an example.)  So, of all the players out there, they are probably the best able to deal with that need, should it come to it.

There are infrequent physical fixes done by computer hardware makers.  Apple has had a couple - e.g., to replace disk drives that failed too frequently in one generation of iMac's.  (In other cases, they haven't been as willing to replace allegedly faulty hardware, which has led to some lawsuits.)  Other hardware makes have probably done the same, though I don't off-hand recall any examples.

(One thing Apple and auto makers share is that they maintain a relationship with their customers - so they have some way of reaching them and getting them to come in.  It's a great deal harder for companies that sell indirectly through retailers; often they have no idea who has their products.)

                                                        -- Jerry