On Friday 10 February 2012 15:29:05 Mike Frysinger wrote: > On Friday 10 February 2012 09:12:10 Frans Meulenbroeks wrote: > > E.g. if you deliver boards/systems with u-boot on it and you do not > > want customers to enter u-boot (e.g. by accident or because they want > > to hack the board), but you would allow authorized service personnel > > to access the board. > > i've seen people in the past ship their boards with u-boot defaulting to > silent mode and the autostop key set to a ctrl sequence. that addresses > pretty much addresses this.
blah, i need to stop inline editing sentences. "that pretty much addresses the needs here". if you're concerned about people attacking the system, you need to be realistic and lay out exactly what you want to protect and why/how. the best example in the embedded world i've seen of this so far is the ARM TrustZone whitepaper. they're realistic and up front with what TrustZone does and does not protect against. waving your hands around and saying "doing XXX is more secure and therefore we should do it" is theater. i'm not against passwords or ASLR or anything else in u-boot, but like Wolfgang said, let's see the realistic plan. -mike
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
