After trying resin.io on an RP3, I am trying it on an Intel NUC and experiencing slightly different behaviour so I wanted to check if this is expected and documented anywhere.
On the RP3:
download resin image
flash SD card using etcher
insert SD card into RP3
power on RP3
RP3 boots and HDMI output is a white background with Resio.io logo.
So if someone has physical access to my resin.io DEVELOPMENT Intel NUC they can login as root without a password?
That is correct , development images enable a number of useful features while developing (like passwordless login) and should not be used in production. This is also documented in a few places in our docs
When developing an application, you should consider using a development image of balenaOS. These images have a number of features that, for security reasons, are not present in the production releases of balenaOS. These include:
Last but not least, when users select a development edition in the ‘Add a new device’ dialog, they will see a note on where to use (and where to avoid) development images: