The FAQ says:
"The OS image you download from the UI has embedded credentials that allow the device to register to your application without user input on boot. You should keep your downloaded images private."
Why should images be kept private?
If devices with SD cards are shipped to end users, what is to stop them from reading the card?
We would like to provide an image download to end users so they can set up their own hardware.
Is that a bad idea?