Hello,
On Sun, 12 Mar 2017 21:31:27 +0200 Bill Kontos vkontogpls@gmail.com wrote:
One can argue whether going the signed firmware route for security is a good or a bad practice, and I agree with you that the unbrickable design of the A20 is a better one, but that is irrelevant in the case of Ryzen chips: they have already been taped out, so we have to work with what we are given.
Which, some would argue, is the reason why they should have thought, long before tapeout, of a (re)programmable key mechanism instead of a ROMmed or OTP one. It would have made it possible to write a secret key in the device and be sure it won't be read back [1], while preventing said device from being locked out or bricked, because you can always mass-erase it back to the "no key" state. (That's what's done on Kinetis SoCs for the whole internal flash, to give one example, although they /do/ offer a way to lock the device completely if some manager really wants that despite the repeated warnings from his tech people.)
[1] Barring any cracking of the device's security, but that's a risk for ROMmed keys too.
Kind regards,
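The design contrast discussed in this thread (a ROMmed/OTP verification key versus a write-only, reprogrammable key with a mass-erase back to the "no key" state), modelled as an added Python example that is not code from the thread or from any of the SoCs mentioned. The state names, the `Device` class and the use of HMAC-SHA256 as a stand-in for real firmware signature verification are assumptions of this example; the point it shows is that with a reprogrammable key a lost signing key costs you a mass erase, while with an OTP key it costs you the board.

```python
"""Toy model of a secure-boot key slot: reprogrammable (erasable) vs OTP.

Hypothetical illustration only. The key can be written but never read back;
mass_erase() wipes firmware and key so the part returns to an unprovisioned
state that boots anything. lock_forever() models the optional permanent lock
that disables mass erase. HMAC-SHA256 stands in for a real signature scheme.
"""
import hashlib
import hmac
import secrets

TAG_LEN = 32  # HMAC-SHA256 tag appended to the firmware body


class KeyLocked(Exception):
    """Raised when the key slot cannot be (re)written."""


class Device:
    def __init__(self, key_is_reprogrammable: bool = True):
        self._key = None                 # verification key; no read-back path exists
        self._firmware = b""
        self._locked = False             # permanent lock: mass erase disabled
        self._reprogrammable = key_is_reprogrammable
        self._key_written = False        # OTP slots accept exactly one write

    def write_key(self, key: bytes) -> None:
        """Provision the verification key. There is deliberately no read_key()."""
        if self._locked:
            raise KeyLocked("device is permanently locked")
        if not self._reprogrammable and self._key_written:
            raise KeyLocked("OTP key slot already burned")
        self._key = bytes(key)
        self._key_written = True

    def has_key(self) -> bool:
        return self._key is not None

    def lock_forever(self) -> None:
        """The 'manager really wants it' option: no way back after this."""
        self._locked = True

    def mass_erase(self) -> bool:
        """Wipe firmware and key, returning to 'no key' state. False if impossible."""
        if self._locked or not self._reprogrammable:
            return False
        self._key = None
        self._firmware = b""
        return True

    def flash(self, image: bytes) -> None:
        self._firmware = bytes(image)

    def boot(self) -> bool:
        """Boot ROM check: unprovisioned parts boot anything, provisioned ones
        boot only an image whose tag verifies under the stored key."""
        if self._key is None:
            return True
        if len(self._firmware) < TAG_LEN:
            return False
        body, tag = self._firmware[:-TAG_LEN], self._firmware[-TAG_LEN:]
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


def sign_image(key: bytes, body: bytes) -> bytes:
    """Append the HMAC tag the boot ROM model expects (stand-in for signing)."""
    return body + hmac.new(key, body, hashlib.sha256).digest()


def recovery_scenario(reprogrammable: bool) -> dict:
    """Provision a key, then 'lose' it and try to recover with an unsigned image."""
    dev = Device(key_is_reprogrammable=reprogrammable)
    key = secrets.token_bytes(32)         # constructed sample key
    dev.write_key(key)
    dev.flash(sign_image(key, b"good firmware v1"))
    boots_signed = dev.boot()
    dev.flash(b"unsigned recovery image")  # the only image left once the key is lost
    boots_unsigned = dev.boot()
    erased = dev.mass_erase()
    if erased:
        dev.flash(b"unsigned recovery image")
    boots_after_erase = dev.boot()
    return {
        "boots_signed": boots_signed,
        "boots_unsigned": boots_unsigned,
        "erased": erased,
        "boots_after_erase": boots_after_erase,
    }


if __name__ == "__main__":
    for mode in (True, False):
        print("reprogrammable" if mode else "OTP", recovery_scenario(mode))
```

In the reprogrammable case the unsigned image is refused while the key is present, the mass erase succeeds, and the part boots again; in the OTP case the erase is refused and the part stays stuck with a key nobody holds. Calling `lock_forever()` on the reprogrammable device reproduces the OTP outcome, which is exactly why that option deserves the warnings mentioned above.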