I have a Thingy52, but no DK. I would like to know if it is today possible to upload a custom firmware only using OTA (no DK), eventually starting from the Nordic Thingy app firmware source?
I asked this, because I managed to create a dfu package using nrfutil, starting form Nordic Thingy app source(using keil to compile), but I always get an INVALID OBJECT error message when trying to perform OTA suing nrfConnect app, while it works successfully using the zip file provided by Nordic (thingy_dfu_pkg_app_v2.1.0.HW_1.0.zip)
I'm afraid the problem is that I'm compiling with my a generated private which is different from the one used by Nordic to compile the bootloader.
Is it possible to perform DFU on devices implementing the Secure DFU by using a new private key?
Can Nordic release a dfu zip package to unlock Thingy devices to receive custom firmware with new private key files?
Thanks in advance!
The fact that you need the correct private key in order to make a valid DFU packet is one of the main features of our secure DFU solution. It makes the DFU "secure" in the sense that only updates sanctioned by the original firmware producer are accepted.
We do not currently have a DFU package that "unlocks" the Thingy:52 for unsigned DFU, although it is a good idea and an idea we are looking into.
For now I must refer to the answers in the How to flash bootloader to thingy 52 thread. You must update the bootloader by wire, to a bootloader built with your public key, in order to perform DFU with packets made using your private key.
Hi, any news on Thingy unlocking?
Another option would be to open source the private key the Thingy is shipped with, to let anyone to be able to flash the Thingy with other firmware found on the internet, withouth the need to: be a developer, buy a development kit and flash by wire
We certainly see the benefit of "unlocking" the Thingy for OTA DFU to custom firmware. On the other hand we have to consider the security ramifications of providing such an update path. Sharing the private key is not an option.
Perhaps we will find a solution, but for the time being you must connect physically to a programmer in order to switch over to your own key pair.
Still no change here?
Sure, sharing the key is not an option, but publishing a bootloader that takes three button presses while blinking red (or anything to that effect) and then takes any firmware would be.
The Thingy:52 (with its factory firmware) is a platform for development and experimentation, what security ramifications are there? Any confidential IFTTT or similar tokens a user might have stored on their Thingy can be wiped by that bootloader, Any production user of the Thingy use bootloaders with own keys anyway, on which that open bootloader won't upload. If someone really uses the stock firmware for any productive purpose, they're already open to passerbys reflashing their device with the stock firmware, thereby disrupting any service that's provided.
The absence of open bootloading is severly hampering the use of the Thingy:52 for low-threshold experimentation.
Programming the Thingy:52 with custom firmware still requires a J-Link programmer.
Thank you for the suggestions.