Many years ago, folks figured out how to crack firmware and find embedded keys. Since then, there have been many technological advances, like secure enclaves, private/public key workflows, attestation systems, etc. to avoid this exact thing.
Hopefully, the Rabbit folks spec’d a hardware TPM or secure-enclave as part of their design, otherwise no amount of firmware updating or key rotation will help.
There’s a well-established industry of Android crackers and this sort of beating will keep happening until morale improves.
Many years ago, folks figured out how to crack firmware and find embedded keys. Since then, there have been many technological advances, like secure enclaves, private/public key workflows, attestation systems, etc. to avoid this exact thing.
Hopefully, the Rabbit folks spec’d a hardware TPM or secure-enclave as part of their design, otherwise no amount of firmware updating or key rotation will help.
There’s a well-established industry of Android crackers and this sort of beating will keep happening until morale improves.