How do we know if we are affected? does it only affect users of secure boot (Trusty?) or does it affect any users of Jetpack regardless of features used?
it’s SecureBoot to ensure boot security,
SecureOS (Trusty) to include security features to ensure code and data on a device is protected.
as you can see,
there’s software update to addresses security issues. to protect your system, it’s suggest moving to the latest release to include the fixes. you may also dig into descriptions for a summary of potential vulnerabilities.
thanks
I understand that and understand that we need to upgrade (quite difficult due to lack of OTA in JP 3.x branch but that is a different topic) but the question is not about that, the question is to understand if we are affected.
If secure boot is not used does it mean that trusty is not used? can an attacker used such vulnerabilities on a JP flashed without secure boot enabled?
to be honest, every devices connect to ethernet isn’t secure.
the concept of SecureBoot is to prevent execution of unauthorized code during boot process through chain-of-trust;
those authenticates boot components (such as, Boot Configuration Table, bootloader binaries, and warmboot vector) were signed using private key.
there’s PKC (to sign) used to ensure data integrity.
with PKC protection, if there’s any boot code changes or corruption, boot should not be able to go through.
there’s SBK (to encrypt) to protect data confidentiality.
with SBK protection, boot code should be properly encrypted, it will check signature for boot.