We use ESP8266 and modified rboot which validates SHA-1 sum of the firmware to prevent attacker to do OTA with his modified firmware. As it is possible to also update bootloader via OTA (https://forum.mongoose-os.com/discussion/comment/5188/#Comment_5188), this security addition has no effect. Is there a wat to compile firmware which would never allow updating (or overwriting) bootloader via OTA?
Also which parts from the fw.zip are subject of OTA? Are they all from
src except those with
Thanks in advance