Originally Posted by DravenGSX
As of 15.26.1, both of the exploits explained in that document have been patched.
Pretty cool read though.
Sorry in advance for my ignorance if I’m incorrect- but the way I read it is the cat’s out of the bag.
You can install any working version for the specific hardware at any time- moving forward or backward. I’ve bounced around various versions on my 13/14 at different times with no problem. So you could just install the old crappy hacked version- break in- then “update” selectively to get to the latest version.
Once you let one hackable version out for a particular hardware setup it’s tough to then close it up tight. I guess you could create a “fix” by 1)forcing a particular version of new software that is “unhacked” and then 2)lock it down so you can’t go backwards (could you throw away the old keys?) . They sort of did the first part by scanning the network to make sure everyone applied the update and also blocking access to the uconnect keyfob functions if you are not on the current version. BUT- currently you can still rollback at will to a hackable version since they have good signatures, do what you want, and then (I BELIEVE) fake an update to the latest version. So it’s still not buttoned up tight.
Now if they had the ability to PUSH updates....