I was wondering if there is any visual difference between the standard OnlyKey and the developer model. Also, I believe this is answered by the directive to buy a developer model if you wish to load non-signed firmware, but I’m seeking direct confirmation that the standard OnlyKey has no method or sequence of input which allows one to put it into developer mode. TIA
Just bumping hoping someone will answer this. Thanks.
No you can’t put the standard OnlyKey into developer mode the developer model is different hardware. Additional information here About Security | Docs
Thank you for your reply. I have read the documentation. My main question is still: Is the developer model visually distinct from the standard model? i.e. could someone potentially swap out a standard OnlyKey prior to the first use with a corrupted developer model without them noticing any physical differences between the two? Is there an image of the developer model available anywhere? Thank you again.
Bumping again as my question still remains unanswered. Thanks.
Can you provide more information on your threat model? If you are asking is it possible to make an OnlyKey that looks real with your own firmware then yes you could with technical knowhow create something that looks similar. If you are dealing with an advanced adversary with technical know how it is always possible to build something that looks nearly identical to the original, this would apply to almost all electronics. There are many ways to make a counterfeit device.
For example, counterfeit Yubikeys have been made:
Counterfeit Trezor devices have been made: