Security patterns and anti-patterns in embedded development
Security patterns and anti-patterns in embedded development
Posted May 6, 2024 10:28 UTC (Mon) by LtWorf (subscriber, #124958)Parent article: Security patterns and anti-patterns in embedded development
> Ideally, they would be stored on hardware tokens or systems that are air-gapped from the main network to reduce the chance they could be exfiltrated.
I fear that in practice, they are kept on vault so that they can be used automatically, and be vulnerable to being exfiltrated by anyone who can place a "echo $PRIVKEY" in the appropriate place.