Storing private keys for updates to remote device

I’m reading up on how to perform signed updates for remote hardware devices. I need to check if the new software has been generated by a "trusted" source, ie me.

Based on my understanding of asymmetric cryptography I understand that I can embed a public key on all my devices and then any new software that needs to be updated on the device, needs to have a signed hash in a header that I could check against. I’m all onboard until this part, and it sounds great for secure updates, but I’m wondering how one would securely store the private key. Say I built 1M units. All have the public key programmed on them. If my private key is lost for whatever reason, I lose the ability to update any of these devices. It sounds like the jugular vein. Should I accept storing private keys very safely as a cost of doing business, or is there a better way to handle this case?

Installing only security updates is a mistake?

On my Debian, I only do security updates:

deb buster/updates main

deb-src buster/updates main

For example, Debian recently migrated from 10.3 to 10.4, but I still use version 10.3 and automatically install available security updates.

Is that enough for security?

Coronavirus, you and hosting company important updates for hosting customers 2020.

Corona-virus, you and hosting company important updates for hosting customers 2020.

Corona-virus created problems in almost all countries and maybe you are facing the same also. Please take care and stay safe. If your are hosting customer please support hosting industry if anything urgent or important then contact provider because most of the employees working from home and few facing health issues. So it is time to help each other. If any hosting provider was not able to provide you support then maybe they are facing big problems so please trust them and don’t cancel your services.

If any customer looking for a web hosting plan for any startup idea in this situation and we provide free of cost hosting and support. Also logo designing. We are ready to help you and make your business successful.
Many thanks for your valuable time.

Below are Free Hosting for a lifetime, host without cost details:

FREE Startup-$0 /Lifetime

>> Single Domain Hosting
>> 200MB Web Space
>> 200MB Bandwidth
>> 2 Email Accounts
>> 2 Sub Domains
>> FREE Auto SSL
>> DDOS Protection
>> 99.99% uptime
>> Softacolous Supported
>> Tier 1 Technical Support

Order Now >>

Thank you.

About Microsoft delivering Windows 10 updates [closed]

I’m really curious to know the answers to these questions. I Hope you can help me out.

1- For how long will the Surface Go receive software updates(feature & security) ?

2- Is there a difference between: • the software updates(feature & security) delivered to Microsoft’s own hardware(Surface lineup devices) and • the software updates(feature & security) delivered to computers from other manufacturers(like LG, for example…) ???

3- Does Microsoft’s own hardware gets supported with software updates(feature & security) for a longer period of time than computers from other manufacturers?

Thank you.

Few updates suggestions

Hi! I have few suggestions if added to ser , they will be too much helpful
1) Select verified links based on country. 
Project->right click->show urls->verified->select->links based on country
2)Export unused accounts from projects.
If we upload accounts to a project and run the project but decide to stop the project before all the accounts gets processed. So the leftover accounts can be exported and used in the same or in any other project. It helps in lots of ways. First all of the accounts will be used evenly . Links overwriting will be avoided. Same accounts getting used again quickly can lead to deletions.
3). Add engines selection so that selected engines verified links from the project can only be added,

I hope these can be worked out. Hoping for the best.
Thanks again,

Any thoughts or research on forced updates on apps?

I was wondering the UX impact on forced updates on apps and found little to no research on the subject so far.

There may be crucial information that needs to be accessed in certain cases but an abrupt forced update may block the users from accessing that information especially in no wifi areas.

I’m working on a travel app that contains ticket information and I’m afraid that this issue might severely damage the user experience in such occasions so I’m looking for anything to back me up here.

Is there any data/research on how often do apps from different domains release forced updates and what are their impacts etc. and what are your thoughts about this subject?


What is the best way to notify a user that updates are available in a desktop application?

I have a WPF desktop application that is used as the front-end for a webservice. This application has a database that could get updated from time to time, but it would also work with an old database. I want my application to do a background check on startup, whether the database needs to be updated.

If that is the case, I want to notify the user.


What are the best ways to do that ?

SharePoint 2019 Standard vs. Enterprise, Updates / Release / Patch / Versions and the SharePoint Framework Releases

We have an SP2019 test farm running SharePoint Server 2019 Standard, version 16.0.10351.20000 (October 2019). I have a few questions regarding compatibility between SPFX development and SP2019 on-premise:

  1. Is it important to keep the SP2019 environment updated with the latest monthly release in order to ensure compatibility with the latest version of the SharePoint Framework?

  2. Is there any guidance regarding development targeting SP2019 standard edition vs. enterprise (article, blog post)?

  3. Some on-line posts state that SPFX should be kept at version 1.4.1 for SP2019. Is this still true?

  4. Does anyone have any experience regarding possible deployment issues when development is performed on SharePoint Online? Development environment is O365.

Thanks in advance!