Prevent physical reprogramming

CivicTechTO / tRacket-sensor

Design files and source code for the tRacket noise sensor

https://tracket.info

7 stars 0 forks source link

Prevent physical reprogramming #8

Closed tcsullivan closed 8 months ago

tcsullivan commented 9 months ago

Disable the ESP32's programming interface. Changing the pin modes for the USB/serial pins may be enough; also need to check on bootloader settings. Actually committing to this change will require #7 first.
Consider flash encryption or other available options to disable readout. It looks like the ESP32's hardware encryption has already been circumvented, so I'm not sure we should bother with this.

tcsullivan commented 8 months ago

This was my own idea, but after discussion we've agreed to let the devices be reprogrammable. All we really need to worry about is preventing reading/decrypting of secrets stored on the device.

tcsullivan commented 8 months ago

Just noting the actual results of the circumvention:

Requires custom hardware and flash emulation to work
Designed for external flash, while the MINI modules we're using are flash-in-chip. Would be much more difficult if not impossible to crack a module with this method.