MicroPython Forum (Archive)

Please see the new forum at
https://forum.micropython.org/

[SOLVED] Is it safe to not do firmware updates?

https://forum.micropython.org/viewtopic.php?f=2&t=10475

Page 1 of 1

[SOLVED] Is it safe to not do firmware updates?

Posted: Sat May 08, 2021 3:42 am
by BetterAutomations
I am developing a product for sale which sends status updates to Google IoT via MQTT. It seems there are no good options for updating the firmware remotely. If I ship without this ability, is this safe? I don’t want to be responsible for spreading worms and such.

I reviewed the change log for the words “security” and “vulnerability” or “crash” and it seems this is not common. The device does not listen on any ports and would be installed behind customer firewalls, and only communicate to Google using a pre-shared key.

I would be able to update the scripts. This question is about the firmware.

Is it safe to proceed without firmware OTA ability?

Re: Is it safe to not do firmware updates?

Posted: Tue Jun 08, 2021 8:26 pm
by katte82
In short, no.
You can do it, but it's not professional.
What will you do if google for some reason changes its API?

Re: Is it safe to not do firmware updates?

Posted: Tue Jun 08, 2021 11:02 pm
by BetterAutomations
Google changing it's API would have been fine. Without OTA, I could have downloaded new scripts--but not firmware, which is the concern of this question.

But I am good now. I had asked this question when I didn't know that there is in fact a way to do OTA. I will be using this code:
viewtopic.php?f=18&t=8433&p=58447#p47873
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/