They'd prefer to live in ignorance.
Do you pay out to all of them? Do you make them sign an NDA without guaranteeing you'll pay them? Do you tell the 2nd etc discoverers to go away and hope they don't reveal it?
If you pay out to all of them, there's a strong incentive to leak info and collect multiple bounties for the same vulnerability.
The “read the data out with a super expensive microscope” remained. Is there any way to defeat that attack I wonder? I suppose the hsm model of “destructive tamper detection” is one way.
Get your chip made with the latest TSMC process and get features so small nobody else, even superpowers and trillion-dollar tech companies working together, can manipulate them :)
I think it’s common knowledge by now that the smallest feature in a 5nm chip isn’t really 5nm. So that’s not (yet?) a viable strategy.
I've arrived at this understanding: secure boot sometimes allows you to recover a compromised fleet without recalls. Instruct the customer to disconnect the device, reboot it and then somehow reflash it before getting infected again? Seems fraught with errors though.
When I worked with IoT HW companies in Taiwan their understanding tended to be along the lines of: "it makes the device secure" or "it prevents the firmware from being used by clone devices".
(It's been a while since I worked in this area.)
If you depend on your firmware remaining secret, however, you have to contend with the black hat version of the presenters. They are expert at extracting firmware and cloning. Some applications choose FPGAs in part because the equivalent of their firmware (the bitstream) is itself nearly impossible to reverse engineer. That means that a one-for-one clone is possible, but you can't alter the design, and have to use the exact same part.
michaelt•1mo ago
Presumably this is a sign RPi are deliberately aiming to straddle the hobby and light commercial markets?
rcxdude•1mo ago
Tharre•1mo ago
But I don't think that "targeting the education market" is accurate in the first place. They certainly make sure to serve that market with their very nicely priced Pico boards but it hardly seems to be their only goal. You don't go through the effort of spinning up a new revision to fix security holes if there aren't at least some industry customers.
SequoiaHope•1mo ago
guenthert•1mo ago
JayHLee77•1mo ago
As to students being able to set the efuse so the device can't be reprogrammed, sure but they're $5 each so it's not like they're destroying a $500 Chromebook (which they do, look on YouTube). That risk is the cost of attempting to educate though (and it's worth it).
Retr0id•1mo ago