PhatFil
Posts: 1640
Joined: Thu Apr 13, 2017 3:55 pm
Location: Oxford UK

Re: Destroy pi sd card... On purpose if removed

Wed Mar 25, 2020 2:38 pm

Greg Erskine wrote:
Sat Mar 21, 2020 8:55 pm
First rule of security: Do not discuss your security strategy on a public forum. :lol:

Second rule: implement the simplest solution. Potting the device in an epoxy is the general approach.

cleverca22
Posts: 395
Joined: Sat Aug 18, 2012 2:33 pm

Re: Destroy pi sd card... On purpose if removed

Wed Mar 25, 2020 5:44 pm

dickon wrote:
Tue Mar 24, 2020 10:58 pm
Secure Boot is broadly worthless anyway, because of the problem mentioned above: it requires the *entire stack*[0] to be secure: firmware, bootloader, kernel[1], *anything which may be executed as root*[0] (or equivalent), and anything which can be influenced to execute anything as root.

[0] FFS...
[1] And anything running in kernel context, such as your anti-virus suite; google 'sophail' for much amusement.

Yeah, that's how the Roku 2 was hacked: there was a bug in the UI that gave a root shell.

PiGraham wrote:
Wed Mar 25, 2020 8:47 am

I found this info on verified booting: https://blog.nviso.eu/2019/04/01/enabli ... erry-pi-3/

I can see the sense of it for closed-source OS binaries on controlled hardware, but how is it supposed to work for open source OS on uncontrolled hardware? Anyone can buy a RPi that is not, and should not be, locked down. They can build their own kernels and do what they like so none of this prevents anyone running Raspbian, or another OS, on a clean RPi board.

It works for DRM on particular devices where you want to deny root access and prevent custom kernels running, but that is contrary to the goals for Raspberry Pi, isn't it?

The idea is less about something that's configured on every single Pi
and more about the creator of a certain product re-selling Pis that are specially modified to only run their software.
Even if you can clone the software on the SD card, the specially modified Pi is the limiting factor, and acts like a physical dongle/license key.

PhatFil wrote:
Wed Mar 25, 2020 2:38 pm
Greg Erskine wrote:
Sat Mar 21, 2020 8:55 pm
First rule of security: Do not discuss your security strategy on a public forum. :lol:
Second rule: implement the simplest solution. Potting the device in an epoxy is the general approach.

But you'll want to use an epoxy that is similar to the uSD epoxy, so any attempt to selectively melt it with acid will also melt the uSD card itself!

mikerr
Posts: 2824
Joined: Thu Jan 12, 2012 12:46 pm
Location: UK

Re: Destroy pi sd card... On purpose if removed

Wed Mar 25, 2020 6:04 pm

Have your licence/key online, so it can be permanently revoked on suspicious access (starting in another pi/location).
Android app - Raspi Card Imager - download and image SD cards - No PC required !
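
The online revocation idea in the post above, as an added example that is not code from the thread: an in-memory licence server that binds a key to the first board that checks in and permanently revokes the key when a different board presents it. The class and method names, the licence key and the serial values are hypothetical, and the device ID is assumed to be a board identifier (such as the Pi's serial number) sent by the client at start-up.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Licence:
    bound_device: Optional[str] = None  # device ID recorded at first check-in
    revoked: bool = False
    audit: List[Tuple[str, str]] = field(default_factory=list)  # (device_id, result)


class LicenceServer:
    """In-memory stand-in for the online licence service (hypothetical API)."""

    def __init__(self) -> None:
        self._licences: Dict[str, Licence] = {}

    def issue(self, key: str) -> None:
        self._licences[key] = Licence()

    def check_in(self, key: str, device_id: str) -> str:
        """Return 'ok', 'revoked' or 'unknown' for one start-up check."""
        lic = self._licences.get(key)
        if lic is None:
            return "unknown"
        if lic.revoked:
            result = "revoked"            # revocation is permanent
        elif lic.bound_device is None:
            lic.bound_device = device_id  # first start binds the key to this board
            result = "ok"
        elif lic.bound_device == device_id:
            result = "ok"
        else:
            lic.revoked = True            # same key seen on a second board
            result = "revoked"
        lic.audit.append((device_id, result))  # keep a trail for later review
        return result


def demo() -> List[str]:
    # Constructed sample data: the key and board serials are made up.
    server = LicenceServer()
    server.issue("LIC-EXAMPLE-0001")
    original, clone = "00000000aaaa1111", "00000000bbbb2222"
    return [
        server.check_in("LIC-EXAMPLE-0001", original),  # first boot
        server.check_in("LIC-EXAMPLE-0001", original),  # normal reboot
        server.check_in("LIC-EXAMPLE-0001", clone),     # card started in another Pi
        server.check_in("LIC-EXAMPLE-0001", original),  # stays revoked
    ]
```

The device ID here is reported by software running from the card, so the server can only trust it as far as it trusts that software; the audit trail is what lets an operator review a revocation afterwards.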

PiGraham
Posts: 3880
Joined: Fri Jun 07, 2013 12:37 pm
Location: Waterlooville

Re: Destroy pi sd card... On purpose if removed

Wed Mar 25, 2020 7:03 pm

cleverca22 wrote:
Wed Mar 25, 2020 5:44 pm

The idea is less about something that's configured on every single Pi
and more about the creator of a certain product re-selling Pis that are specially modified to only run their software.
Even if you can clone the software on the SD card, the specially modified Pi is the limiting factor, and acts like a physical dongle/license key.

It's the other way round I think. Not selling RPis that only run a particular program. Rather, selling a program (with a RPi) that will not run on any other RPi.

Unsecured RPis are therefore easy to get, unlike, say, unsecured games consoles or maybe locked smartphones. So anyone can copy the SD card and do what they like to the RPi. On the copy there is no secure boot, there is full root access.
