Firmware as a marketing weapon

Recently Dell added some new UEFI-based security to their business-class systems.

This is an interesting response from an analyst on this move:

Today, it appears Windows uses different levels of firmware security, based on how long you’ve been using some legacy hardware.

http://www.itwire.com/opinion-and-analysis/open-sauce/68262-windows-10-no-secure-boot-unless-microsoft-tax-is-paid
https://msdn.microsoft.com/en-us/library/dn917885%28v=vs.85%29.aspx
https://msdn.microsoft.com/en-us/library/dn756793%28v=vs.85%29.aspx

AFAICT, this has been happening for years, I forget when it stated. Rooted smartphones are one camp. Game consoles are another. Apple started using EFI to only let Apple Mac Servers load Apple Mac OS X Server software, no other OS. Microsoft does likewise with all of their their consoles and mobile devices. When the OS vendor is *also* the OEM, secure firmware technologies act like DRM for the maker, to ensure their software is tied to their hardware.

I am worried that we’ll start seeing devices using their firmware security technologies — coreboot Verified Boot, UEFI Secure Boot, TCG Measured Boot, TXT Trusted Boot, U-Boot Verified Boot, etc. — intentionally turn into bricks at the firmware level, if they manufacturer is not happy with their return on investment with the consumer. As Daniel mentions above, if the customer does not pay their service contract, and they don’t own the device anyway, why not brick it, until the customer sends valid payment? 😦

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s