Comment by torginus

Embedded devices that go on the internet by (to update) themselves are an anti-pattern.

I run a bunch of stuff using Home Assistant via the Zigbee integration - the Zigbee host on the local server gets to decide where to install updates from - which was the security mechanism for most most software for most of history.

Get your stuff from a reputable source. Signage keys are nice, but they don't work as the sole security measure in an unsound supply chain.