Hacker News

> If you're trying to ship a secured product, that basically means that you have to give code/rootfs signing keys to your customers. This is a non-starter for many kinds of products that need tamper protection (whether for product, legal, or safety reasons).

Fuck that. If it's my device then I want to have control. If I want to violate part 15 of the FCC rules then I'm going to do it and nobody is going to stop me. This paternalistic rubbish has to stop. I'm sure your company would love to retain ultimate control of the thing you've sold me, but that's not compatible with a free society.





Would you feel the same way if we're talking about your car's driver-assistance ECU? If you can change its contents, then so can a remote attacker.

"remote"? No. I want my driver-assistance ECU to be air-gapped but fully reprogrammable locally. After all, even with a totally tivoized ECU, a physically present attacker could still make my car kill me by cutting my brake lines.

When it's open source, it can be patched to fix RCE. Binary blobs are much harder to patch, so just buy a brand new car with brand new RCE.

> Open source === RCEs/vulnerabilities

Welcome back, 2005 Bill Gates



