If I could add a related question to this thread...
I have an 2016 Audi TT that has CarPlay enabled. My software version is 1389. This particular software version and the one higher than it (1448) on the TTRS suffers from the random screen blanking issue. This issue was only fixed in the new software update 1462 with VAG part number 4M0906961EK.
I no longer have the original FecContainer file on my car -- only the modified one with the CarPlay extensions. If I purchased the new SD card and installed it, I imagine that all of my FEC's would be deemed illegal since it isn't signed correctly ? How badly functioning would the car be in that case? Completely innoperable?
In this messed up state, would there be a path forward to log into the car and flash a patched version of either the entire ifs-root file system or possibly just stage2-ifs where the MIBroot file is found thereby making the illegal Fec file, legal again? Using the 1389 software as a test case, I have practiced decompressing the file system on the SD card, dissassembling MIBroot, patching it, and recompressing the file system. I wrote a small script to pull the existing FEC's from a container file and package them as input to the Fec generator script. One thing I have not done is flash my own car mainly because on the slim chance that I messed it up, I would need to be even more confident that I could restore the software from a crazy state.
If the root password changed on this newly released version 1462 software, even with hashcat and good GPU, I imagine it might take a while to determine the password from /etc/shadow_rcc by brute force.
Any insights to solving this problem are greatly appreciated. I have never come across a description of someone re-modifying an already modified MIB2.