Comment by hypeatei
6 hours ago
It's my first time hearing about this "eFuse" functionality in Qualcomm CPUs. Are there non-dystopian uses for this as a manufacturer?
6 hours ago
It's my first time hearing about this "eFuse" functionality in Qualcomm CPUs. Are there non-dystopian uses for this as a manufacturer?
Samsung uses this for their Knox security feature. The fuse gets broken in initial bootloader unlock, and all features related to Knox (Samsung Pay, Secure Folder, etc) gets disabled permanently even after reverting to stock firmware.
I use them in an esp32 to write a random password to each of my products, so when I sell them they can each have their own secure default wifi password while all using the same firmware.
What advantage do you see from using eFuses and not some other way to store the password?
This is the only way I could come up with that would allow an end user to do a full factory reset, and end up back in a known good secure state afterwards.
Storing it in the firmware would mean every user has the same key. Storing it in eeprom means a factory reset will clear it. This allows me to ship hardware with the default key on a sticker on the side, and let's a non technical user reset it back to that if they need to.
It gives you a 256bit block to work with - https://docs.espressif.com/projects/esp-idf/en/stable/esp32/...
1 reply →
eFuses are in most CPUs, often used for things like disabling hardware debug interfaces in production devices - and rollback prevention.
There are not. The entire premise of eFuses are that after you buy something, the manufacturer can still make changes that you can't ever undo.