Now the man wants *usable* security!
;-) you are correct. Although if you release a lot of updates in a short time
period, you could choose not to swap the pubkey... Since the leak happens by
giving time to attack the key. That would let you skip ahead to the last update
before changing the key.
Of course, that requires you knowing in advance you will release a lot if
updates, or setting a fixed policy ("we will change the key monthly").
Hum.
One more example of why hardened security does not happen by default. It really
stands in the way.
Best-F
Sent from my iPhone
> On Feb 22, 2014, at 8:49 PM, Mark Komarinski <[email protected]> wrote:
>
> Doesn't that mean that you have to install every update in sequence?
_______________________________________________
Hardwarehacking mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/hardwarehacking
