OTA Security / Contract Manufacture

Posted: Wed Mar 11, 2020 8:31 pm
by billiam
We will be manufacturing our product offshore. The plan is to provide the manufacturer with a basic app binary that will enable secure boot and flash encryption, then reboot and run some diagnostics, and then pull down our application binary from a secure server in the cloud using HTTPS.

My issue/question concerns the initial binary loaded on the factory floor. This binary, the first ever run on our hardware, needs to be loaded in unencrypted form as far as I can tell from the docs. It seems like an unscrupulous CM could hex dump/disassemble this binary and get ahold of our OTA URL and auth strings. Then they could use wget and pull our unencrypted app binary, which has valuable intellectual property within, to their computer (the HTTPS tunnel provided by OTA serving only to validate our server is legit and protect the binary from prying eyes while in transit).

Has anybody solved this problem definitively? Am I missing an important detail?