Hacker News new | past | comments | ask | show | jobs | submit login

A validation process is a good idea but I'd still feel safer if the device were frozen with no way to update firmware. Many microcontrollers have "e-fuses" which you can blow post-manufacturing to render the program flash read-only, for example. One can also pot the board in epoxy to make tampering more difficult.



What if the current firmware has a bug that allows an attacker to steal your keys?




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: