I have a question regarding the following statement from the ESP32 Flash Encryption introduction page.
Does this mean that there is a period of time, ie once an image is downloaded and flashed, but before it has been encrypted upon next boot, where the image is available in plain text from the flash device and that the flash device could be removed from the circuit before encryption occurs and the contents read?Flash encryption is intended for encrypting the contents of the ESP32’s off-chip flash memory. Once this feature is enabled, firmware is flashed as plaintext, and then the data is encrypted in place on the first boot. As a result, physical readout of flash will not be sufficient to recover most flash contents.
Thank you.