• fubarx
    link
    fedilink
    English
    arrow-up
    63
    arrow-down
    1
    ·
    5 months ago

    Many years ago, folks figured out how to crack firmware and find embedded keys. Since then, there have been many technological advances, like secure enclaves, private/public key workflows, attestation systems, etc. to avoid this exact thing.

    Hopefully, the Rabbit folks spec’d a hardware TPM or secure-enclave as part of their design, otherwise no amount of firmware updating or key rotation will help.

    There’s a well-established industry of Android crackers and this sort of beating will keep happening until morale improves.

    • xthexder@l.sw0.com
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      Hahaha, that hardware is built to be as cheap as possible so they can make money on this scam of a product. I doubt the people making it even know what a TPM is from everything else we’ve seen.