Intermediary firmware deletes seed #1597
Comments
|
The fact we erase the old firmware and storage is not an oversight, but rather a feature - However, this does not fit our user story when we'd like to use interim firmware also for people with initialized devices. From my POV the only thing we need to change is to remove the call to This theoretically could open a possibility for an attacker to user interim FW to downgrade to possibly vulnerable bootloader version it is shipping. However, this is circumvented by calling |
|
Possible fix in #1600 |
|
It also removes this scary screen right?
|
|
As I understand it, there was a valid reason why the interim firmware deleted itself and the storage and that was to remove the need for user confirmation, see #4 (comment). Perhaps we could check whether the storage is initialized and delete the firmware and storage only if it's not. The check doesn't need to be complicated, we just need to look at the first word of the norcow sectors. On the other hand this behavior could create some complexity for Suite. Not sure. |
|
We have agreed that we will check the storage and:
|
|
Closed via #1600 |
Describe the bug
Intermediary FW works fine but we completely forgot we also want to give it to to users that have their device initialized. In this case Intermediary FW wipes the device completely along with seed.
Firmware version and revision
Both intermediary 1.10.0 and 1.8.0.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Seed is kept. The Intermediary firmware wipes it which is not what we want.
The text was updated successfully, but these errors were encountered: