Hello,

On Sun, 12 Mar 2017 21:31:27 +0200, Bill Kontos <[email protected]> wrote:

> One can argue whether going the signed firmware route for security is a
> good or a bad practice, and I agree with you that the unbrickable
> design of the A20 is a better one, but that is irrelevant in the case
> of Ryzen chips: they have already been taped out, so we have to work
> with what we are given.

Which, some would argue, is the reason why they should have thought, long before tapeout, of a (re)programmable key mechanism instead of a ROMmed or OTP one. It would have made it possible to write a secret key in the device and be sure it won't be read back [1], while preventing said device from being locked out or bricked, because you can always mass-erase it back to the "no key" state. (That's what's done on Kinetis SoCs for the whole internal flash, to give one example, although they /do/ offer a way to lock the device completely if some manager really wants that despite the repeated warnings from his tech people.)

[1] Barring any cracking of the device's security, but that's a risk for ROMmed keys too.

Kind regards,
--
Albert.

_______________________________________________
arm-netbook mailing list
[email protected]
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to [email protected]
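As an added illustration (constructed for this thread, not code from the mail, from AMD, or from any vendor's boot ROM), here is a small C model of the key-slot behaviour Albert describes: write once, no read-back, a mass erase that wipes flash and key together, and the optional permanent lock that removes that escape hatch. It assumes a device with no key boots any image, and it uses a stand-in tag function in place of a real signature check so the model runs on its own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define KEY_LEN 16
/* Constructed model (not any vendor's ROM code) of the reprogrammable key slot
 * argued for above: write once, no read-back, erasable as a whole, plus an
 * optional Kinetis-style permanent lock that takes the erase away. */
typedef struct {
    uint8_t key[KEY_LEN];
    uint8_t flash[64];   /* stand-in for the application flash */
    bool key_set;
    bool locked;         /* once set, mass erase is refused for good */
} device_t;
void device_init(device_t *d) { memset(d, 0, sizeof *d); }

/* Stand-in image tag so the model is self-contained; a real design uses a MAC or signature. */
void toy_tag(const uint8_t key[KEY_LEN], const uint8_t *img, size_t len, uint8_t tag[KEY_LEN]) {
    memcpy(tag, key, KEY_LEN);
    for (size_t i = 0; i < len; i++) tag[i % KEY_LEN] ^= (uint8_t)(img[i] + i);
}

/* Provisioning: only possible while the slot is in the "no key" state. */
int key_write(device_t *d, const uint8_t key[KEY_LEN]) {
    if (d->key_set) return -1;
    memcpy(d->key, key, KEY_LEN);
    d->key_set = true;
    return 0;
}

/* Read-back is never offered; the key only ever feeds the verifier. */
int key_readback(const device_t *d, uint8_t out[KEY_LEN]) { (void)d; (void)out; return -1; }

/* Boot policy (assumption): no key -> any image boots; key present -> the tag must match. */
bool image_accepted(const device_t *d, const uint8_t *img, size_t len, const uint8_t tag[KEY_LEN]) {
    if (!d->key_set) return true;
    uint8_t expect[KEY_LEN], diff = 0;
    toy_tag(d->key, img, len, expect);
    for (size_t i = 0; i < KEY_LEN; i++) diff |= expect[i] ^ tag[i];   /* constant-time compare */
    return diff == 0;
}

/* Mass erase wipes flash AND key, so a lost or wrong key cannot brick the part... */
int mass_erase(device_t *d) {
    if (d->locked) return -1;          /* ...unless someone chose the permanent lock */
    memset(d->flash, 0xff, sizeof d->flash);
    memset(d->key, 0, KEY_LEN);
    d->key_set = false;
    return 0;
}
void lock_device(device_t *d) { d->locked = true; }   /* the "lock completely" option */
```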
