diff --git a/src/fs/otp.c b/src/fs/otp.c
index 06e9387..dfc596e 100644
--- a/src/fs/otp.c
+++ b/src/fs/otp.c
@@ -179,64 +179,6 @@ bool otp_is_secure_boot_locked() {
     return false;
 }
 
-int otp_enable_secure_boot(uint8_t bootkey, bool secure_lock) {
-    int ret = 0;
-#ifdef PICO_RP2350
-    alignas(2) uint8_t BOOTKEY[] = "\xe1\xd1\x6b\xa7\x64\xab\xd7\x12\xd4\xef\x6e\x3e\xdd\x74\x4e\xd5\x63\x8c\x26\xb\x77\x1c\xf9\x81\x51\x11\xb\xaf\xac\x9b\xc8\x71";
-    if (is_empty_otp_buffer(OTP_DATA_BOOTKEY0_0_ROW + 0x10*bootkey, 32)) {
-        PICOKEY_CHECK(otp_write_data(OTP_DATA_BOOTKEY0_0_ROW + 0x10*bootkey, BOOTKEY, sizeof(BOOTKEY)));
-    }
-
-    const uint8_t *boot_flags1 = otp_buffer_raw(OTP_DATA_BOOT_FLAGS1_ROW);
-    alignas(4) uint8_t flagsb1[] = { boot_flags1[0] | (1 << (bootkey + OTP_DATA_BOOT_FLAGS1_KEY_VALID_LSB)), boot_flags1[1], boot_flags1[2], 0x00 };
-    if (secure_lock) {
-        flagsb1[1] |= ((OTP_DATA_BOOT_FLAGS1_KEY_INVALID_BITS >> OTP_DATA_BOOT_FLAGS1_KEY_INVALID_LSB) & (~(1 << bootkey)));
-    }
-
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_BOOT_FLAGS1_ROW, flagsb1, sizeof(flagsb1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_BOOT_FLAGS1_R1_ROW, flagsb1, sizeof(flagsb1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_BOOT_FLAGS1_R2_ROW, flagsb1, sizeof(flagsb1)));
-
-    const uint8_t *crit1 = otp_buffer_raw(OTP_DATA_CRIT1_ROW);
-    alignas(4) uint8_t flagsc1[] = { crit1[0] | (1 << OTP_DATA_CRIT1_SECURE_BOOT_ENABLE_LSB), crit1[1], crit1[2], 0x00 };
-    if (secure_lock) {
-        flagsc1[0] |= (1 << OTP_DATA_CRIT1_DEBUG_DISABLE_LSB);
-        flagsc1[0] |= (1 << OTP_DATA_CRIT1_GLITCH_DETECTOR_ENABLE_LSB);
-        flagsc1[0] |= (3 << OTP_DATA_CRIT1_GLITCH_DETECTOR_SENS_LSB);
-    }
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_ROW, flagsc1, sizeof(flagsc1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R1_ROW, flagsc1, sizeof(flagsc1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R2_ROW, flagsc1, sizeof(flagsc1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R3_ROW, flagsc1, sizeof(flagsc1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R4_ROW, flagsc1, sizeof(flagsc1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R5_ROW, flagsc1, sizeof(flagsc1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R6_ROW, flagsc1, sizeof(flagsc1)));
-    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R7_ROW, flagsc1, sizeof(flagsc1)));
-
-    if (secure_lock) {
-        const uint8_t *page1 = otp_buffer_raw(OTP_DATA_PAGE1_LOCK1_ROW);
-        uint8_t page1v = page1[0] | (OTP_DATA_PAGE1_LOCK1_LOCK_BL_VALUE_READ_ONLY << OTP_DATA_PAGE1_LOCK1_LOCK_BL_LSB);
-        alignas(4) uint8_t flagsp1[] = { page1v, page1v, page1v, 0x00 };
-        PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_PAGE1_LOCK1_ROW, flagsp1, sizeof(flagsp1)));
-        const uint8_t *page2 = otp_buffer_raw(OTP_DATA_PAGE2_LOCK1_ROW);
-        uint8_t page2v = page2[0] | (OTP_DATA_PAGE2_LOCK1_LOCK_BL_VALUE_READ_ONLY << OTP_DATA_PAGE2_LOCK1_LOCK_BL_LSB);
-        alignas(4) uint8_t flagsp2[] = { page2v, page2v, page2v, 0x00 };
-        PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_PAGE2_LOCK1_ROW, flagsp2, sizeof(flagsp2)));
-    }
-#elif defined(ESP_PLATFORM)
-    // TODO: Implement secure boot for ESP32-S3
-#else
-    (void)bootkey;
-    (void)secure_lock;
-#endif // PICO_RP2350
-    goto err;
-    err:
-    if (ret != PICOKEY_OK) {
-        return ret;
-    }
-    return PICOKEY_OK;
-}
-
 #ifdef PICO_RP2350
 static void otp_invalidate_key(uint16_t row, uint16_t len) {
     if (!is_empty_otp_buffer(row, len)) {
diff --git a/src/fs/otp.h b/src/fs/otp.h
index 71aaabf..a20b001 100644
--- a/src/fs/otp.h
+++ b/src/fs/otp.h
@@ -44,7 +44,6 @@ extern int otp_write_data_raw(uint16_t row, const uint8_t *data, uint16_t len);
 
 #endif
 
-extern int otp_enable_secure_boot(uint8_t bootkey, bool secure_lock);
 extern void init_otp_files();
 
 extern const uint8_t *otp_key_1;
diff --git a/src/rescue.c b/src/rescue.c
index 48f9b2e..36514a9 100644
--- a/src/rescue.c
+++ b/src/rescue.c
@@ -54,6 +54,8 @@ int rescue_select(app_t *a, uint8_t force) {
     res_APDU[res_APDU_size++] = PICO_PRODUCT;
     res_APDU[res_APDU_size++] = PICO_VERSION_MAJOR;
     res_APDU[res_APDU_size++] = PICO_VERSION_MINOR;
+    memcpy(res_APDU + res_APDU_size, pico_serial.id, PICO_UNIQUE_BOARD_ID_SIZE_BYTES);
+    res_APDU_size += PICO_UNIQUE_BOARD_ID_SIZE_BYTES;
     apdu.ne = res_APDU_size;
     if (force) {
         scan_flash();
@@ -124,23 +126,6 @@ int cmd_read() {
     return SW_OK();
 }
 
-#if defined(PICO_RP2350) || defined(ESP_PLATFORM)
-int cmd_secure() {
-    if (apdu.nc != 0) {
-        return SW_WRONG_LENGTH();
-    }
-
-    uint8_t bootkey = P1(apdu);
-    bool secure_lock = P2(apdu) == 0x1;
-
-    int ret = otp_enable_secure_boot(bootkey, secure_lock);
-    if (ret != 0) {
-        return SW_EXEC_ERROR();
-    }
-    return SW_OK();
-}
-#endif
-
 #ifdef PICO_PLATFORM
 int cmd_reboot_bootsel() {
     if (apdu.nc != 0) {
@@ -164,15 +149,11 @@ int cmd_reboot_bootsel() {
 #endif
 
 #define INS_WRITE            0x1C
-#define INS_SECURE           0x1D
 #define INS_READ             0x1E
 #define INS_REBOOT_BOOTSEL   0x1F
 
 static const cmd_t cmds[] = {
     { INS_WRITE, cmd_write },
-#if defined(PICO_RP2350) || defined(ESP_PLATFORM)
-    { INS_SECURE, cmd_secure },
-#endif
     { INS_READ, cmd_read },
 #ifdef PICO_PLATFORM
     { INS_REBOOT_BOOTSEL, cmd_reboot_bootsel },