this post was submitted on 08 Aug 2024
16 points (100.0% liked)

Technology

34904 readers
301 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
 

We’re happy to announce the launch of Raspberry Pi Pico 2, our second-generation microcontroller board, built on RP2350: a new high-performance, secure microcontroller designed here at Raspberry Pi.

With a higher core clock speed, twice the memory, more powerful Arm cores, new security features, and upgraded interfacing capabilities, Pico 2 delivers a significant performance and feature uplift, while retaining hardware and software compatibility with earlier members of the Pico series.

Pico 2 is on sale now, priced at $5.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 3 months ago (1 children)

RP2350 specs:

  • Two 150MHz Arm Cortex-M33 cores, with floating point and DSP support
  • 520KB of on-chip SRAM in ten concurrently accessible banks
  • A comprehensive security architecture, built around Arm TrustZone for Cortex-M, and including:
    • Signed boot support
    • 8KB of on-chip antifuse one-time-programmable (OTP) memory
    • SHA-256 acceleration
    • A hardware true random number generator (TRNG)
  • An on-chip switch-mode power supply and low-quiescent-current LDO
  • Twelve upgraded PIO state machines
  • A new HSTX peripheral for high-speed data transmission
  • Support for external QSPI PSRAM

Looking pretty good. I especially like the security features.

[–] [email protected] 2 points 3 months ago (1 children)

Not really a fan of putting secure boot on. The only purpose that serves is locking the customers out of their purchased hardware. Raspberry Pi is clearly not targeting the maker market with those changes, they want that corporate money and are willing to stick the finger to hackers and makers in the process. Can't make custom firmware if you can't boot it.

[–] [email protected] 4 points 3 months ago (1 children)

That's usually not how secure boot is configured on microcontrollers. They usually come with no code installed and an unsigned bootloader, and therefore no barrier for you to flash what you want on it.

In fact, the STM32 has secure boot, and it's still one of the most popular microcontrollers for makers and hackers. That's because the secure boot feature is there for developers, hackers and makers to use if they want to.

[–] [email protected] 1 points 3 months ago (1 children)

True, but if you buy a finished product that uses the new chip that has secure boot enabled, you can't flash your own firmware. From what I gather, the boot keys are burned into OTP memory so they can't be erased or changed. The chip is permanently locked to that firmware.

[–] [email protected] 3 points 3 months ago (1 children)

That's correct.

the boot keys are burned into OTP memory so they can't be erased or changed

Which is good, as otherwise it would defeat the purpose of secure boot.

[–] [email protected] 5 points 3 months ago* (last edited 3 months ago)

I wish these implementations of secure boot were designed more to protect the SOFTWARE against "theft" than the HARDWARE against "tampering". Let us wipe the secure boot keys, but in the process erase the firmware (or have the firmware encrypted so that erasing the keys renders it unbootable) and then allow new code to run. Blocking third party firmware on consumer devices is a shit move. It just creates more e-waste when the OEM stops updating it and the community can't make their own replacement firmware.