The insecure S60 firmware updater

It's nice to see that someone with an interest in practical security issues is doing stuff with Symbian platform security. Nokia's firmware update program for S60 handsets lets you install modified ROM images on (at least) some handsets. It seems the weakest link in this security system is very, very weak. Of course, hacking doesn't get really interesting until you can hack other people's devices, but there's a quite obvious attack vector here: what if you could get users to download your modified ROM images, instead of Nokia's? I'm no security expert, but thinking about this gives me a few ideas, that I might try out. I think Nokia should be happy that their devices aren't as popular with hackers as eg. the iPhone.