On Monday 03 November 2014 07:11:48 CJ wrote: > Well, I hope you will implement firmware signature checkā¦ this would > prevent most of the MitM problems. > This should be optional though, in order to let "power-users" mess with > their own firmware if they want. > Better: let them push their own key on their very own device so that > they might as well secure their updates.
As you can see from earlier posts - finding the best method for updating is still very much a work in progress. One thing is for sure though - the hardware will be open and the source open source, so anybody will be able to write and build their own firmware and update the device. "Firmware signature check" is a bit hard to do with any authority if the hardware in itself is open enough for people to write their own firmware, but I was thinking https certificate check for the automatic updates - in fact playing with that already (https://download.reclaim-your-privacy.com). -- Lars Boegild Thomsen https://reclaim-your-privacy.com Jabber/XMPP: l...@reclaim-your-privacy.com -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
