When the applications and services get to be a bit more interesting, we're
going to start getting more paranoid. It does pay to think about these
things now while it's still manageable to change them if necessary.
I think the right thing is to encrypt the sensitive data so that it's not
easily accessible without appropriate keys and authentication. I don't
think we need to add an authentication layer to the firmware. Firmware is
not much of a barrier to reading flash. If I have physical access to the
device I can start reading flash in 10 minutes without running any code on
it.
Jamey
Received on Thu Mar 22 15:37:18 2001
This archive was generated by hypermail 2.1.8 : Tue May 04 2004 - 09:42:22 EDT