On 7/10/20 5:22 PM, John M. Harris Jr wrote:
> Android, actually, is trying to get it right by a) being a platform so
> that common security updates are available from the platform owner, and
> can be applied to everyone's system and b) having a secure remote update
> method.
The problem with implementing systems such as this is obvious. If the end
user cannot upload their own firmware, because the host has a hardware
mechanism for checking the signature of the firmware, that's not good for the
end user, it's harmful. It would mean they don't actually own the system, the
vendor does.
Yes, but if it's too easy (and can be triggered remotely) it becomes a
huge problem.
I also want to be able to load alternative firmware---but it has to be
difficult, e.g. by requiring you to disassemble the device and physically
access the electronics.