undefined | Better HN

0 pointslayer81y ago0 comments

You cannot establish a private channel between app and car if you don’t already have either a pre-shared secret, or pre-shared trusted certification authority keys (such as to allow TLS-like tamper-resistant encrypted communication between app and car) that VW can’t replace.

Otherwise, if there is no pre-existing private channel, the key (which by the way would have to be the public key, not the private key) could be switched out by VW acting as a man-in-the-middle, allowing it to access all encrypted content going through it.

The same is true for Apple. There are parts of the protocol or the pairing where you have to trust Apple, either their servers, or if the establishment happens locally via bluetooth or similar, their software that runs on the local devices.

0 pointslayer81y ago0 comments

0 comments

5 comments · 1 top-level

amluto1y ago· 4 in thread

This argument seems like a fairly extreme example of the perfect being the enemy of the good. Sure, it would require a more advanced system for VW to prevent themselves from silently compromising their own system to learn everyone’s location. But the design I outlined will prevent a passive compromise of VW, and even possibly a court order, from learned everyone’s location, and it prevents even an active and highly malicious compromise from learning past locations.

mulmen1y ago

"Shipping the private key" does not meet the bar for "good". You still need a way to establish trust in your key distribution and also implement the system correctly. The proper way to secure access to a physical thing you own is to only communicate directly with that thing.

amluto1y ago

This is ridiculous. It would take heroic effort for VW to prevent themselves from silently uploading malicious firmware to VW cars. There are ways to do this, but it’s also a separate problem from the problem that should actually be solved here.

1 more reply

layer8OP1y ago

I was triggered by the argument “Apple knows how to allow one to find one’s devices without Apple knowing where they are. It’s not that hard.” People misunderstand this as Apple having no possibility to learn the location if they wanted to. And that’s just not the case.

amluto1y ago

Of course Apple could do this. But Apple is the one major company that actually goes out of its way not to.

j / k navigate · click thread line to collapse