this post was submitted on 27 Jun 2024
216 points (98.6% liked)

Technology

59605 readers
3345 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] fubarx@lemmy.ml 64 points 5 months ago (1 children)

Many years ago, folks figured out how to crack firmware and find embedded keys. Since then, there have been many technological advances, like secure enclaves, private/public key workflows, attestation systems, etc. to avoid this exact thing.

Hopefully, the Rabbit folks spec'd a hardware TPM or secure-enclave as part of their design, otherwise no amount of firmware updating or key rotation will help.

There's a well-established industry of Android crackers and this sort of beating will keep happening until morale improves.

[–] xthexder@l.sw0.com 9 points 5 months ago

Hahaha, that hardware is built to be as cheap as possible so they can make money on this scam of a product. I doubt the people making it even know what a TPM is from everything else we've seen.