If a car can receive OTA updates from the manufacturer, then it can receive harmful OTA updates from an attacker who has compromised the car’s update mechanism or the manufacturer.

There's potential for a very dystopian future where we see people assassinated, not via car bomb but via the their cars being hacked to remove braking functionality (or something similar). And then a constant game of security whack-a-mole like we see with anti-virus software. And then some brilliant entrepreneur will start selling firewalls for cars. And then it'll be passed into law that it's illegal to use a vehicle that doesn't have an active firewall/anti-virus subscription.

It almost feels like the obvious path things will go down. Yay, capitalism...

I'm not totally opposed to software being used in cars (as long as it's tested and can be trusted to the degree mechanical components are) but yeah, OTA updates just seem like a terrible idea just for a little convenience. I'd rather see updates delivered via plugging the car in (and not via the charging port - it would need to be a specific data transfer port for security reasons). Alert people when there's an update, and even allow the car to "refuse to boot" if it detects it's not on the latest version. But updates should absolutely be done manually and securely.