Replying to Avatar DETERMINISTIC OPTIMISM 🌞

Bitcoin singing devices must check the firmware signature at boot.

Not enough users check every download, NO user will check it before every boot.

This is a security anti-pattern, a terrible UX regression.
Avatar
thePR0M3TH3AN ✝️ 🥩 🍊 1y ago

I'm comfortable with validating the nostr:nprofile1qqs09jtvjlmyrxjn37zv70a89csegcz7rpyqjmnw29cveedhv7vagqqpz4mhxue69uhk2er9dchxummnw3ezumrpdejqz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcpzpmhxue69uhkummnw3ezuamfdejs92xe5k firmware before use, then loading that into the device memory. I also like to keep the validated OS version on a read-only CD backup.

Reply to this note

Please Login to reply.

Discussion

Avatar
DETERMINISTIC OPTIMISM 🌞 1y ago

Good luck, and I hope all other users too.

Avatar
Entropius85🪐 1y ago

Yeah, a firmware on “a” raspberryPi can be validated, as nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 said. Good luck

Avatar
thePR0M3TH3AN ✝️ 🥩 🍊 1y ago

Do you mean "can't be validated"? Right? Just making sure.

Avatar
thePR0M3TH3AN ✝️ 🥩 🍊 1y ago

How is trusting the signer of the code repo any different from trusting the author of the validation checker?