On 6/9/15, Christian Gagneraud <[email protected]> wrote: > ... > so with physical access to the hardware you can ...
if your threat model is NSA, and they get arbitrary physical access, you have concerns much larger than insecure default JTAG configurations... i'd be happy with a device providing system JTAG controller restrictions (IEEE 1149.1, 1149.6) bound by efuses. most of these features go un-used in practice. :/ best regards,
