For my 2009, there was a field in the image called HMAC. Did any of the files you loked at contain a signature or HMAC? If there is a signature, it be at least 1024 bits long, likely 2048.

it's fairly straightforward to verify that some authentication is used in addition to the hash's integritity function. First see if you can generate the the same hash for one of the files. The hash values you show are 256 bits long, so I'd try SHA256 first. (MD5 is half that length.) Once you can do that, you have verified that you have the right algorithm, the file is just hashed in its entirety, and there isn't a salt (or the hashes aren't HMACs).

With this information, change one of the internal files (the .XML one is a nice candidate), recalculate the hash, put the changed file and new hash back in and see if the truck will accept it. I'm not optimistic though.

 

I'm sorry. I've apparently stumbled into the wrong thread.

 

Changing embedded software isn't as easy as it used to be. As our vehicles get more and more complex, mod discussions will look more and more like this.

 

a little off subject, but how do you access the Sync diagnosis screen on the SD's? I know you can plug in Forscan to change the startup images, but seems easier to do it through the diagnosis screen

 

• On newer trucks without a CD player, you press and hold the steering wheel right menu button, then press and hold the dash's right menu button.
• On trucks with CD player, you press and hold eject and scan at the same time for up to 20 seconds. (I've never actually tested this as my truck is 2019 without CD player.)

Remember, through the diagnostics menu, the image changes are not permanent.

 

That's a fact. Personally, I'm glad they've made it more secure, even if it is more difficult for us to ethically hack our own vehicles.

 

No, you're absolutely correct. I was just joshing, but I actually was able to follow most of the discussion.

 

And we need to stand up to the OEMs and corporations for the Right to Repair. I believe that I own my truck, not Ford, and if I want to replace the code in it, I should be able to do so. Ford should have to allow its code to be reviewed for security purposes etc and we should be able to purchase all the same tools and parts and info that the dealers can purchase.

See https://repair.org/ Support if you agree.

 

I agree with the right to repair, but not that you should be able to change the code of your truck. You don't own the patents, and they certainly shouldn't warranty your truck for anything you change on it. I can only imagine the lawsuits they would have to fight if you changed the drive by wire code and it borked at went full throttle at a school crossing or something. I totally understand that need in vehicles...in Android or iOS phones not so much.

 

Well, I believe I should be able to change my own product, but in so changing it that should relieve Ford of responsibility....unless their design is found to be at fault. I can put different wheels and tires or change the engine program (Banks etc), why shouldn't I be able to change other aspects of the code? I hate all these nagging safety things that are designed to protect stupid people from themselves.

 

Stupid people need to be protected from themselves.

 

People need to be protected from stupid people.

 

True that!