A good day at work. On the second to last test of the gizmo that I was doing, I found that
(my simulated) error reset the gizmo. This was quickly fixed, but it was rewarding to find
a heavy-duty bug.
Also had discussions about how to license features. Here my background in cryptography
and threat analysis helped. First, you define your threat model ---a malevolent service tech
with a smart nephew to help with computer stuff. The Fundamentals of Security as Economics
(you don't put a $10,000 security system into a $2,000 car); Convenience vs. Security too.
Also the volumes and attractiveness of the target matters ---not many virii for Macs, because
they're too small a target. We've included all kinds of connectors on the production circuit
boards, stuff that would make an attractive high volume target like an X-Box toast. And
understanding hash functions, and trusted boundaries. All good stuff. In the end, instead of
having some of the bootloader firmware be the Enforcer, a PC tool will be, which is weaker,
but sufficient. I suggested requiring a password with the PC tool, much as your ATM card
requies a PIN to use it.
Impressed by how the brilliant folks at work knew or picked up this stuff so quickly.