ESP32 Forum

ESP32 Official Forum
http://esp32.io/

Add security to inaccessible & insecure ESP32 device.

http://esp32.io/viewtopic.php?f=2&t=19283

Page 1 of 1

Add security to inaccessible & insecure ESP32 device.

Posted: Sun Jan 31, 2021 10:02 pm
by monkey
Hi all.

I have a device running in an inaccessible location. It was an early prototype and did not have security features enabled in the build. Is it possible to activate these features in an OTA update? Sorry for general question :roll: . I'm worried that I'll break the OTA connection and brick it. The features to add are Secure Boot & Encrypted Flash. Are there any other security measures available?

Cheers,

Re: Add security to inaccessible & insecure ESP32 device.

Posted: Mon Feb 01, 2021 12:03 am
by ESP_Angus
Hi monkey,

I'm afraid this is not supported. The bootloader needs to be updated to a version with these features enabled in the config, and we don't support OTA updates of the bootloader (as a failure during this part of the process would brick the device). Moreover, the partition table offset often needs to be moved to support a bootloader with these features and there is no safe method to do this in the field, either.


Angus
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/