You are reading a single comment by @Gordon and its replies.
Click here to read the full conversation.
Espruino is a JavaScript interpreter for low-power Microcontrollers. This site is both a support community for Espruino and a place to share what you are working on.
ZeoNish
@Gordon
In embedded systems you've often got a bit of an issue with people downloading your code - even if you're using compiled code. While some chips do have readout protection (STM32, nRF52) sometimes it can be circumvented with the right tools, and any firmware updates tend to be sent unencrypted too.
With ESP8266 that is especially the case since the SPI flash is separate - and regardless of what you do on the CPU, someone could just unsolder the chip, read the entire contents and clone it.
Personally, my advice is assume that someone could read out your code, and design accordingly. For instance don't include global private keys in the firmware.
That advice isn't specifically for Espruino, but literally any embedded target