I’m not sure where they would have had those in the materials they did release. They are leaving 9 (yes, nine)
root keys in
/home/root/.ssh/authorized_keys. I assume this is for devs to access the system during development, but you remove those kinds of things from your production image. It’s not a huge security issue, as the device only exposes an ssh service during recovery mode. But still, if any one of the private keys associated with those 9 authorized keys leaks…
But, I digress.
This release of code appears to be the minimal amount required to satisfy the license requirements. And, there is nothing wrong with that.
Anyone that was expecting a build-able firmware release will be disappointed, though. The kernel drivers are nice, but they are only part of what is needed. They excluded the actual daemon, and more importantly, anything to do with the communications with the head.
Without the head communications, anyone trying to make the thing work is dead in the water.
The PIC firmware was done in assembly, and @palmercr deciphered that in short order (maybe he’ll write up a post about that? ). The head firmware, on the other hand, was apparently compiled from C and is much more obfuscated. Work on that is ongoing, but it may be easier to just write new head firmware from scratch.
I had also hoped that this release would spring my board project forward. However, it looks like there is little there that I can make use of. That’s not that big of a disappointment to me. I wasn’t expecting their code this soon, anyway.