by andrewstuart 2408 days ago
I believe this requires physical access to the MCU.
2 comments

It does, but a major part of flash encryption is to protect your supply chain, i.e. to keep people from cloning your boards and just dumping your software on them. It's also a bit of security through obscurity (which despite the memes can be an important piece of defense in depth) to make the MCUs a bit more difficult to attack if you don't know the code that's running.
Except an attacker operating at that scale would just start decapping the chips and inspecting them.
Decapping and dynamically instrumenting a chip with little pins like you'd need to do is a lot harder than a timing/glitch attack.
Indeed. It's odd to see "Pwn" in the title, and then read the details and have to completely reverse the context. This situation is closer to the original sense of "own", as in "home ownership". If some squirrels get into your home and you evict them, you wouldn't say you "pwnt" your house.