>>You mean you haven't checked out how to protect the bootloader area?
>
>How could I protect it against erase? All PICs can be erased,
>can't they?

Yes they can - if you can get at the ICSP connection.

>And if they can't, the attacker could replace the PIC for a
>new one, and put the spoofed bootloader into that new PIC.

But you are missing the point. By making the ICSP connection available, by 
bringing out the PGM connection, then anybody can do anything to the code in 
the devices you are producing.

By having a bootloader it is possible to set most chips up so that the 
bootloader is protected against erasure, and it ensures that whatever does 
get downloaded is from a controlled source. The bootloader can only be 
erased if the PGM connection is brought out to the outside world.

-- 
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist