10th Gen Honda Civic Updates Are Signed with AOSP Test Keys
- #reverse-engineering
- #car-security
- #headunit-exploit
- Honda Civic headunit updates are signed with the publicly known AOSP test key, enabling arbitrary code execution via USB without conventional root access.
- An 'evil valet' attack is possible: anyone with physical access to the car's USB port can install malicious updates undetected.
- The ota-builder tool simplifies creating update files that the headunit will accept, for example to root the device.
- apk-rebuilder automates reverse engineering tasks for Honda update files, outputting resources and code without hosting sensitive source code.
- Outstanding work includes tracking known software versions, improving toolchains, exploring custom themes, and enhancing aidl-rebuilder for custom apps.
- Documentation focuses on tooling over reference docs, leveraging LLMs to query digestible forms of headunit code for specific questions.
- The project welcomes contributors for version tracking, toolchain development, and other improvements, though the author plans to transition to other projects.