doc: add attack

King Kévin 2024-04-18 02:59:29 +02:00
parent 47528d2b7e
commit bb15bbda72
1 changed files with 11 additions and 1 deletions


@ -78,11 +78,21 @@ It has a hole to pass a string through and attach it to a key-chain you keep wit
This string also allows to easily unplug the device from the computer.
It is also recommended to draw on the back of the device, so it becomes unique and hard to tamper with unnoticed.
Obermaier and Tatschner [showed in 20179(https://www.usenix.org/system/files/conference/woot17/woot17-paper-obermaier.pdf) how to degrade the readout protection.
This involved decapsulating the chip, which would make it easy to see that the device has been tampered with once you added a drawing onto it.
Other side channel or fault injection attacks could exist to retrieve the key in a less destructive way.
Since the passkey is inexpensive, just toss it away and get a new one if you suspect it has been tampered with.
The other possibility would be for and attacker to intercept the device on the shipping way, extract the ID and corresponding manufacturer key, and programming them on a new chip, along with a malicious firmware.
This malicious device could still pass authentication.
To prevent this attack, you can manufacturer the passkey yourself.
The board design files and firmware source code are open and available.
The bill of material in around $2, and the parts can be hand soldered with little experience.
firmware
========
The devices is based on a [STM32F042F6P](https://www.st.com/en/microcontrollers-microprocessors/stm32f042f6.html) micro-controller.
The firmware uses [TinyUSB](https://github.com/hathach/tinyusb).
The firmware uses the [TinyUSB](https://github.com/hathach/tinyusb) USB stack.
The device comes locked, preventing it to be re-flashed.
I connected a DAPlink programmer to flash it, using the SWD test points on the back.
To compile and flash it:
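Review bot: the link text `showed in 20179` in the added Obermaier and Tatschner sentence should read `showed in 2017` (the linked paper is from WOOT '17), and the rest of the added block needs a proofreading pass before merging: `for and attacker` should be `for an attacker`, `and programming them on a new chip` should be `and program them onto a new chip`, `you can manufacturer the passkey yourself` should be `you can manufacture the passkey yourself`, `The bill of material in around $2` should be `The bill of materials is around $2`, `The devices is based on` should be `The device is based on`, and `preventing it to be re-flashed` should be `preventing it from being re-flashed`. The replacement of `The firmware uses [TinyUSB](...)` by `The firmware uses the [TinyUSB](...) USB stack.` is fine. Two smaller points on the threat model as written: the drawing on the back only exposes a decapsulated chip if the owner actually looks at the device, so the `hard to tamper with unnoticed` claim is worth qualifying with "provided you check it", and the supply-chain paragraph would read better if `This malicious device could still pass authentication.` came right after the cloned ID and manufacturer key are mentioned, since that is the reason the authenticating side cannot tell the clone apart and the reason self-manufacturing from the open design files is offered as the mitigation.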