Trust and Transparency

TinyPilot devices don’t hide hardware or software surprises. There are no covert radios, no microphones wired to unknown ICs, and no background connections to cloud services we operate. The system runs what you see, and we publish what’s inside.

Our firmware is built from a lean set of well-known open-source components, and the full image is assembled and signed on infrastructure we control. Most of the TinyPilot application layer is public on GitHub, and our releases include no management agents, telemetry collectors, analytics hooks, or “phone-home” behavior.

To make this easy to verify, we publish a Software Bill of Materials for every major firmware release. An SBOM lists the components that make up the TinyPilot application stack so customers can validate our supply chain, understand the software footprint, and confirm that nothing unexpected is running inside their infrastructure.

• No outbound cloud connections unless you explicitly enable one
• No hidden audio paths or dormant hardware listeners
• No bundled remote-management agents
• No telemetry brokers, analytics services, or silent network traffic

Transparency shouldn’t be rare in infrastructure tools. TinyPilot is built so you can confirm what runs inside your network.

If you have any questions or concerns, please reach out to our security team.