Add security to inaccessible & insecure ESP32 device.

Post Reply
monkey
Posts: 21
Joined: Mon Jun 17, 2019 10:47 pm

Add security to inaccessible & insecure ESP32 device.

Postby monkey » Sun Jan 31, 2021 10:02 pm

Hi all.

I have a device running in an inaccessible location. It was an early prototype and did not have security features enabled in the build. Is it possible to activate these features in an OTA update? Sorry for general question :roll: . I'm worried that I'll break the OTA connection and brick it. The features to add are Secure Boot & Encrypted Flash. Are there any other security measures available?

Cheers,
Top
ESP_Angus
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: Add security to inaccessible & insecure ESP32 device.

Postby ESP_Angus » Mon Feb 01, 2021 12:03 am

Hi monkey,

I'm afraid this is not supported. The bootloader needs to be updated to a version with these features enabled in the config, and we don't support OTA updates of the bootloader (as a failure during this part of the process would brick the device). Moreover, the partition table offset often needs to be moved to support a bootloader with these features and there is no safe method to do this in the field, either.


Angus
Top
Post Reply

Return to “General Discussion”

Who is online

Users browsing this forum: Google [Bot] and 133 guests