Comments (22)

  • londons_explore
    Real security processors never give big bounties because when bugs are discovered all the buyers immediately cancel their orders of the 'faulty' secure chips. They'd prefer to live in ignorance.
  • lll-o-lll
    What an interesting talk, and an interesting concept also. Open source hardware security; get the security researchers interested and fix the security defects. The "read the data out with a super expensive microscope" remained. Is there any way to defeat that attack I wonder? I suppose the HSM model of "destructive tamper detection" is one way.
  • IlikeKitties
    There are a lot of people who believe that hardware remote attestation will be the end of computational freedom. I'm glad to see that bypasses are still quite possible.
  • lysace
    I've had a bit of difficulty understanding the actual benefits of proper secure boot vs zero protection. I've arrived at this understanding: secure boot sometimes allows you to recover a compromised fleet without recalls. Instruct the customer to disconnect the device, reboot it and then somehow reflash it before getting infected again? Seems fraught with errors though. When I worked with IoT HW companies in Taiwan their understanding tended to be along the lines of: "it makes the device secure" or "it prevents the firmware from being used by clone devices". (It's been a while since I worked in this area.)
  • michaelt
    Seems a bit of a strange feature to even want on a product targeting the education market. In a classroom setting you don't really want students to be able to set fuse bits so the device can't be re-programmed. Presumably this is a sign RPi are deliberately aiming to straddle the hobby and light commercial markets?