← Back to context

Comment by brookst

4 months ago

The end user protection is to sign updates and publish the fingerprints. It should not be possible for one device to get a different binary than everyone else.

How exactly do you plan on implementing this as an end user?

Even if you somehow manage to ensure 100% consistency with other users for updates you manually “pull” from the vendor, the vendor could simply have your device automatically reach out and update itself with a stealth update.

Or everyone can get the same exact binary, but it has a hash code check on it that activates the evil bits only on your device.

Etc…