nitrokey-start-firmware icon indicating copy to clipboard operation
nitrokey-start-firmware copied to clipboard

Published 20 hours ago verified publisher icon Nitrokey

Self flash-read protection

Open szszszsz opened this issue 5 years ago • 4 comments

Enable flash read-protection in the firmware, right on the very first device initialization.

Related: #14

szszszsz avatar Apr 25 '19 10:04 szszszsz

As reminder: https://blog.zapb.de/stm32f1-exceptional-failure/

coelner avatar Oct 04 '20 18:10 coelner

@coelner Indeed, in this view such solution is not that much needed to implement anymore.

szszszsz avatar Oct 05 '20 08:10 szszszsz

Or, like the solokey, offer a normal and a hacker version The normal version could be sealed with your glitter epoxy. Without the photo, but atleast used as visible seal?

coelner avatar Oct 05 '20 16:10 coelner

We thought about that, but epoxy does not scale well for the production. We plan to mitigate this problem by moving to another MCU in the next hardware revision. As for the user data, these are secure as long as the PIN is not brute-forced, which is why we ask to provide longer PINs since latest firmwares.

szszszsz avatar Oct 05 '20 16:10 szszszsz