Lockable Teensy Flash Question

Thundercat

Well-known member
Hi, I am using locked Teensy 4.0's for my business ventures.

I've run into an issue where the Teensyduino IDE crashes a lot, as it's based on the 1.8x Arduino Code, and I get java heap errors (there's another thread about this, but not work linking to, as there was no solution). From what I understand, the Teensyduino app does not yet work with V2.X Arduino Code (correct?).

So I've resorted to using the newer Arduino 2.x for my programming duties with the Teensy 4.0s.

I understand I must use Teensyduino to lock the Teensys - which I do - but my question is this:

If I use the Arduino 2.x to flash the locked Teensys (which works), does it flash them in the locked mode as well? Or will the code go into an unlocked area of the Teensy? I need to make sure the code is protected.

Sorry if this is simplistic or obvious; I just want to be sure I understand the code security issues with using the Arduino 2.x IDE instead of Teensyduino (again, only because I get java heap errors constantly with the Teensyduino/Arduino 1.8x codebase).

Thanks in advance for your knowledge and support.

Mike
 
The only need for IDE 1.8.19 is the locking steps. The IDE 2.x limitation is presenting UI to run the code for the locking steps.

Once locked both IDE 1.x and 2.x will generate the .eHex required to upload to a locked Teensy.
 
If you want to use only Arduino IDE 2.x, you could briefly use Arduino IDE 1.8.19 and simply save the 3 programs. They should work fine with the newer IDE.

But do keep in mind those programs need to be kept secure. If an attacker were to capture that source code, they could extract your key and use it to decrypt your EHEX files. Likewise for key.pem.

As always, make secure offline backups of your key.pem file. If you lose your key, you'll forever be unable to create new EHEX files for all the Teensy hardware you loaded with your key.
 
Thank you Paul. Sorry to be obtuse, but what 3 programs? You mean Arduino 1.8x, Ardxuino 2.x, and Teensyduino?

I'm aware of the need to keep the key.pem safe, and have backups of it (I do), but I don't understand your middle paragraph...are you saying if someone got to my computer and opened the file on Arduino 2.x, they could extract the key?

Are you basically saying, keep your computer itself secure?

Thank you kind sir.
 
but what 3 programs?

The 3 programs you get when you click the 3 buttons in the Teensy 4 Security tool (which only exists in Arduino IDE 1.8.19, Tools > Teensy 4 Security menu)

code_security_t4security.png
 
Back
Top