Saturday, 2018-02-10

*** tpb has joined #tomu00:00
*** kyoron has quit IRC00:31
kyaputenhi motwok00:36
*** futarisIRCcloud has quit IRC08:39
*** Kokjo has quit IRC08:53
*** futarisIRCcloud has joined #tomu09:05
xobsPrototype PCBs from Hackvana for plastics measurement arrived today:
*** nrossi[m] has joined #tomu09:35
*** Kokjo has joined #tomu09:43
*** futarisIRCcloud has quit IRC11:14
kyaputenx = reset ?12:09
kyaputenmithro & xobs: by the way, I thought of a use of the crowdsupply campaign: you could create a small bounty program regarding security12:10
xobsx = reset, yeah.12:11
kyaputenAs I believe many uses will includes secrets inside the tomu, it could be useful to have security review12:11
*** futarisIRCcloud has joined #tomu12:11
kyaputenthe main scenario of attack I see is that if I lose my tomu, I don't want the secret inside to be readable12:12
kyaputenbut I don't know if that's realistic or not12:12
kyaputen(of course people will be able to use it as a black box)12:12
xobsIt doesn't have a whole lot of security from that perspective.12:13
kyaputenIsn't it "lockable" though ?12:14
xobsIt is, you can disable SWD.12:14
xobsAnd you can cause Toboot to not allow manual entry.12:15
kyaputenand from that point, I could have a special toboot that only allows signed apps to run (signed by me if I patch toboot or signed by tomu's main key in general case)12:15
kyaputenso "theoretically" I couldn't write a flash stealing app and write it to tomu without resetting the whole flash12:16
xobsYou could do that, but it wouldn't be Toboot anymore.  Toboot runs entirely from RAM, and is already pretty close to full.12:16
kyaputenmy bad didn't think of that point12:17
xobsAPI V2.0 will support "compulsary erase blocks" where an existing application can request certain blocks be erased when a new program is loaded.12:17
kyaputenand it would probably need to half the flash (in order to be able to verify one part while having the other as a backup)12:17
kyaputenregarding "erase blocks", I read that but the only scenario I see is that we have a secret that can be thrown away with updates12:19
*** earthnative has quit IRC14:39
*** earthnative has joined #tomu14:40
*** earthnative has quit IRC15:03
*** earthnative has joined #tomu15:04
*** earthnative has quit IRC15:11
*** earthnative has joined #tomu15:16
*** earthnative has quit IRC15:25
*** earthnative has joined #tomu15:25
*** futarisIRCcloud has quit IRC15:34
*** earthnative has quit IRC15:36
*** earthnative has joined #tomu15:43
*** earthnative has quit IRC15:49
*** NoGodDamnIdea has joined #tomu15:49
*** earthnative has joined #tomu15:50
*** NoGodDamnIdea has quit IRC16:31
*** NoGodDamnIdea has joined #tomu17:15
*** NoGodDamnIdea has quit IRC18:23
mithroxobs: You should get @bunniestudios to retweet your v0.4.3 tweet18:25
mithroxobs: Having some kind of "authenticated" bootloader would be a cool feature18:25
*** NoGodDamnIdea has joined #tomu18:34
*** GuyNoIR has quit IRC19:53
*** GuyNoIR has joined #tomu19:54
*** NoGodDamnIdea has quit IRC21:04
*** FireFly has quit IRC21:40
*** _anomaly_ has quit IRC21:40
*** benonsoftware has quit IRC21:40
*** ckeepax has quit IRC21:40
*** nrossi[m] has quit IRC21:40
*** SergeiG has quit IRC21:40
*** iinaj has quit IRC21:41
*** mithro has quit IRC21:41
*** biot has quit IRC21:41
*** iinaj has joined #tomu21:45
*** mithro has joined #tomu21:45
*** biot has joined #tomu21:45
*** iinaj has quit IRC21:45
*** iinaj has joined #tomu21:46
*** nrossi[m] has joined #tomu21:48
*** ckeepax has joined #tomu21:48
*** SergeiG has joined #tomu21:48
*** benonsoftware has joined #tomu21:48
*** _anomaly_ has joined #tomu21:48
*** FireFly has joined #tomu21:48
*** nbags[m] has quit IRC21:48
*** etdf_user4[m] has quit IRC21:49
*** kasbah[m] has quit IRC21:49
*** matthegap[m] has quit IRC21:49
*** M7qXN9pM[m] has quit IRC21:49
*** nrossi[m] has quit IRC21:49
*** iinaj has quit IRC21:49
*** iinaj has joined #tomu21:49
*** PCReaper has joined #tomu22:03
*** PCReaper has quit IRC22:04
*** nbags[m] has joined #tomu23:08
*** M7qXN9pM[m] has joined #tomu23:36
*** kasbah[m] has joined #tomu23:36
*** nrossi[m] has joined #tomu23:36
*** etdf_user4[m] has joined #tomu23:36
*** matthegap[m] has joined #tomu23:36

Generated by 2.13.1 by Marius Gedminas - find it at!