Yes i do. done it. at home. for fun. Which means anyone motivated to do it can easily get it done too..

With data intact after etching a custom PCB for a custom chip? I'd be impressed if that skillset overlaps with someone hacking bytecode

I bet that skillet overlaps more than you think. Especially once you consider motivated teams of two or three.

Again this additional step slows down an attack which discourages people from attacking the product. If it achieves this it's a valid step as part of a security strategy.

No single solution/step is 100% secure, if you think that, throw your devices away now because they're probably already compromised.

Stop with the ego pedaling security stuff and live/work in the real world where small changes have real positive impacts.

It's the same with DRM. It doesn't have to be uncrackable, as long as it keeps the sales for the first x-months it's worked. (Not that I think DRM is acceptable but that's another discussion).

Sometimes, idiotic moves like that DRAW people to your product who'd otherwise pass it by. The only reason cypress got publicly embarrassed by their secure rom being completely broken [1] was because the way they talked about it annoyed me.

[1] http://dmitry.gr/?r=05.Projects&proj=23.%20PSoC4

I...

Please stop arguing against a step which could have been taken as part of a valid security model...

I'm not saying this would have magically fixed the chip firmware. I'm not saying this would have magically stopped anyone ever getting into the device. I'm not saying this would stop Google accidentally shipping an unprovisioned unit.

I am saying a small move that strengthens the whole unit should be strongly considered. I'm sorry that backtracking from such a flippant response is so difficult for you.

Frankly it's a custom chip design, they could burn an efuse to cripple UART in production consumer units, that has the same effect for 99.99% of chips that would sell.