You are reading a single comment by @Gordon and its replies.
Click here to read the full conversation.
Espruino is a JavaScript interpreter for low-power Microcontrollers. This site is both a support community for Espruino and a place to share what you are working on.
@Gordon
You mean for Bluetooth devices? There isn't, no.
It was actually a conscious decision not to have it.
OTA works fine as long as you have a signed firmware and a private key, so you can be sure that nobody is uploading malicious firmwares behind your back. However in Espruino's case I share the private key since it's all open source, so anyone can make a firmware.
By requiring physical access to the device to update firmware I at least stop people uploading malicious/backdoored firmwares behind your back. Sure, you can upload JS if it hasn't been secured, but
reset(1)should sort that out.The Chrome team considered it serious enough to actually block the Web Bluetooth implementation from using the older non-signed version of the Nordic DFU tools, so I didn't want to give them an excuse to block Espruino as well.