Multiple system images for over-the-air updates
US-9268555-B2 · Feb 23, 2016 · US
US9678741B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9678741-B2 |
| Application number | US-201614990548-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 7, 2016 |
| Priority date | Jan 12, 2012 |
| Publication date | Jun 13, 2017 |
| Grant date | Jun 13, 2017 |
Official abstract text for this publication.
In one embodiment, a computing device may execute software from a first portion of memory of the computing device. The computing device may download from a server a new version of the software. The client computing device may receive instructions from the server to request an over-the-air (OTA) download of the new version of the software. The instructions may be an out-of-band message. The new version of the software may be installed into a second portion of memory of the computing device, and the new version of the software is executed from the second portion of memory. The download of the new version of software may be pursuant to a manifest for the download to determine whether the computing device may download the new version of software.
Opening claim text (preview).
What is claimed is:
1. A method comprising: by a client computing device, executing software from a first portion of memory of the client computing device; by the client computing device, downloading from a server a new version of the software pursuant to a manifest for the download, wherein the manifest comprises a manifest signature and a device unique signature; by the client computing device, installing the new version of the software into a second portion of memory of the client computing device; and by the client computing device, executing the new version of the software from the second portion of memory, wherein the executing comprises: authenticating the manifest signature with a manifest signature public key; authenticating the device unique signature with a device unique public key; and failing to execute the software from the second portion of memory if either authentication fails.
2. The method of claim 1, wherein: the client computing device requests an over-the-air download of the new version of the software in response to an instruction from the server; and the instruction comprises an out-of-band message.
3. The method of claim 2, wherein the request comprises the serial number of the client computing device.
4. The method of claim 1, wherein the manifest comprises a predetermined battery state in which the client computing device must be in order to download the payload.
5. The method of claim 1, wherein the manifest comprises a predetermined time period during which the client computing device may download the payload.
6. The method of claim 1, wherein the manifest comprises a predetermined battery state in which the client computing device must be in order to execute the software from the second portion of memory.
7. The method of claim 1, wherein the manifest comprises a predetermined time period during which the client computing device may execute the software from the second portion of memory.
8. The method of claim 1 wherein the manifest further comprises a first hash value for the payload, and executing the software from the second portion of memory further comprises: calculating a second hash value for the downloaded payload based on a predetermined cryptographic hash algorithm; comparing the first hash value to the second hash value; and failing to execute from the second portion of memory if the first and second hash values are not identical.
9. The method of claim 1, wherein the manifest further comprises an encrypted serial number, and executing from the second portion of memory comprises: decrypting the serial number with a serial number public key; comparing the decrypted serial number to a serial number of the one or more computing devices; and failing to execute software from the second portion of memory if the serial number and the decrypted serial number are not identical.
10. A non-transitory, computer-readable media comprising instructions operable, when executed by one or more computing systems, to: execute software from a first portion of memory of the one or more computing systems; download from a server a new version of the software pursuant to a manifest for the download, wherein the manifest comprises a manifest signature and a device unique signature; install the new version of the software into a second portion of memory of the one or more computing systems; and execute the new version of the software from the second portion of memory, wherein the executing comprises: authenticating the manifest signature with a manifest signature public key; authenticating the device unique signature with a device unique public key; and failing to execute the software from the second portion of memory if either authentication fails.
11. The media of claim 10, wherein: the one or more computing systems request an over-the-air (OTA) download of the new version of the software in response to an instruction from the server; and the instruction comprises an out-of-band message.
12. The media of claim 11 wherein the request comprises the serial number of the one or more computing systems.
13. The media of claim 10, wherein the manifest comprises a predetermined battery state in which the one or more computing systems must be in order to download the payload.
14. The media of claim 10, wherein the manifest comprises a predetermined time period during which the one or more computing systems may download the payload.
15. The media of claim 10, wherein the manifest comprises a predetermined battery state in which the one or more computing systems must be in order to execute the software from the second portion of memory.
16. The media of claim 10, wherein the manifest comprises a predetermined time period during which the one or more computing systems may execute the software from the second portion of memory.
17. The media of claim 10, wherein the manifest further comprises a first hash value for the payload, and executing the software from the second portion of memory further comprises: calculating a second hash value for the downloaded payload based on a predetermined cryptographic hash algorithm; comparing the first hash value to the second hash value; and failing to execute the software from the second portion of memory if the first and second hash values are not identical.
18. The media of claim 10, wherein the manifest further comprises an encrypted serial number, and executing from the second portion of memory comprises: decrypting the serial number with a serial number public key; comparing the decrypted serial number to a serial number of the one or more computing systems; and failing to execute software from the second portion of memory if the serial number and the decrypted serial number are not identical.
19. A system comprising: one or more processors; and a memory coupled to the processors comprising instructions executable by the processors, the processors being operable when executing the instructions to: execute software from a first portion of memory of the system; download from a server a new version of the software pursuant to a manifest for the download, wherein the manifest comprises a manifest signature and a device unique signature; install the new version of the software into a second portion of memory of the system; and execute the new version of the software from the second portion of memory, wherein the executing comprises: authenticating the manifest signature with a manifest signature public key; authenticating the device unique signature with a device unique public key; and failing to execute the software from the second portion of memory if either authentication fails.
20. The system of claim 19, wherein: the system requests an over-the-air download of the new version of the software in response to an instruction from the server; and the instruction comprises an out-of-band message.
21. The system of claim 19, wherein the request comprises the serial number of the system.
22. The system of claim 19, wherein the manifest comprises a predetermined battery state in which the system must be in order to download the payload.
23. The system of claim 19, wherein the manifest comprises a predetermined time period during which the system may download the payload.
24. The system of claim 19, wherein the manifest comprises a predetermined battery state in which the system must be in order to execute the sof
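
An added sketch of the execute-time checks recited in claims 1, 8 and 9, not code from the patent or its assignee. Textbook RSA over constructed Mersenne-prime keys stands in for a real signature scheme; the manifest field names, the layout of the signed bytes and the fall-back to the first portion of memory are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by the constructed toy keys

def toy_key(a, b):
    """Textbook-RSA key from two Mersenne primes: constructed, NOT secure."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):  # server side, holds the private exponent
    n, d = key
    return pow(digest(data, n), d, n)

def verify(data, sig, n):  # device side, public modulus only
    return pow(sig, E, n) == digest(data, n)

def signed_body(m):
    """Bytes covered by both signatures (this layout is an assumption)."""
    return f"{m['payload_hash']}|{m['enc_serial']}".encode()

def make_manifest(payload, serial, keys):
    """Server side: manifest with the fields named in claims 1, 8 and 9."""
    n, d = keys["serial"]
    m = {"payload_hash": hashlib.sha256(payload).hexdigest(),
         "enc_serial": pow(int.from_bytes(serial, "big"), d, n)}
    m["manifest_sig"] = sign(signed_body(m), keys["manifest"])
    m["device_sig"] = sign(signed_body(m), keys["device"])
    return m

def failed_checks(m, payload, device_serial, pub):
    """Device side: names of the execute-time checks that did not pass."""
    results = {
        "manifest_sig": verify(signed_body(m), m["manifest_sig"], pub["manifest"]),
        "device_sig": verify(signed_body(m), m["device_sig"], pub["device"]),
        "payload_hash": hashlib.sha256(payload).hexdigest() == m["payload_hash"],
        "serial": pow(m["enc_serial"], E, pub["serial"])
                  == int.from_bytes(device_serial, "big"),
    }
    return [name for name, ok in results.items() if not ok]

def boot_slot(m, payload, device_serial, pub):
    """Second portion only if every check passes; first-portion fallback is assumed."""
    return "first" if failed_checks(m, payload, device_serial, pub) else "second"

# Constructed sample keys: one pair per public key named in the claims
KEYS = {"manifest": toy_key(61, 89), "device": toy_key(89, 107), "serial": toy_key(107, 127)}
PUB = {name: key[0] for name, key in KEYS.items()}
```

Reporting which check failed, rather than a single boolean, gives the device a concrete reason to log when it declines to execute from the second portion.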
Bootstrapping (security arrangements therefor G06F21/57) · CPC title
using cryptographic hash functions · CPC title
Protecting data integrity, e.g. using checksums, certificates or signatures · CPC title
Physics · mapped topic
Arrangements for executing specific programs · CPC title