You are reading a single comment by @Gordon and its replies. Click here to read the full conversation.
  • So you'd like to verify the identity of the GPS module itself? Or of Espruino?

    If it's Espruino itself then you can actually check getSerial() - which is a laser-etched unique per-chip serial number. If you really want to lock things down you could use that number to decrypt your source code at boot time - so it'd be quite difficult to reverse engineer.

    For the GPS I guess it depends if you have any control over the GPS module itself. If it's an off the shelf module then you'll be quite limited - you might be able to find a manufacturer specific command that returns a unique ID for the module though (or EEPROM as you say) - but anyone snooping on the connection could then figure out what was in the EEPROM and write the same thing to their module.

    If you have your own microprocessor on the module then you've got a bit more control. You could for instance send some random text to the module, have the module encrypt that text somehow with its own key, and then compare that returned code on the host. It's quite a lot of effort to go to though!

About

Avatar for Gordon @Gordon started