[SOLVED] Is it safe to not do firmware updates?

General discussions and questions abound development of code with MicroPython that is not hardware specific.
Target audience: MicroPython Users.
Post Reply
BetterAutomations
Posts: 36
Joined: Mon Mar 20, 2017 10:22 pm

[SOLVED] Is it safe to not do firmware updates?

Post by BetterAutomations » Sat May 08, 2021 3:42 am

I am developing a product for sale which sends status updates to Google IoT via MQTT. It seems there are no good options for updating the firmware remotely. If I ship without this ability, is this safe? I don’t want to be responsible for spreading worms and such.

I reviewed the change log for the words “security” and “vulnerability” or “crash” and it seems this is not common. The device does not listen on any ports and would be installed behind customer firewalls, and only communicate to Google using a pre-shared key.

I would be able to update the scripts. This question is about the firmware.

Is it safe to proceed without firmware OTA ability?
Last edited by BetterAutomations on Tue Jun 08, 2021 11:03 pm, edited 1 time in total.

katte82
Posts: 5
Joined: Tue Jun 08, 2021 2:21 pm

Re: Is it safe to not do firmware updates?

Post by katte82 » Tue Jun 08, 2021 8:26 pm

In short, no.
You can do it, but it's not professional.
What will you do if google for some reason changes its API?

BetterAutomations
Posts: 36
Joined: Mon Mar 20, 2017 10:22 pm

Re: Is it safe to not do firmware updates?

Post by BetterAutomations » Tue Jun 08, 2021 11:02 pm

Google changing it's API would have been fine. Without OTA, I could have downloaded new scripts--but not firmware, which is the concern of this question.

But I am good now. I had asked this question when I didn't know that there is in fact a way to do OTA. I will be using this code:
viewtopic.php?f=18&t=8433&p=58447#p47873

Post Reply