That's interesting, I figured they would just disable/fuse it at the same time that the software is flashed, and updates need to use a bootloader anyway. What's the legal and IP issues?
Some industries are under various requirements not to be user-modifiable. Some of those requirements are uncommonly applied or are uncertain (wifi routers), but some have serious teeth (export controlled munitions). For devices in those classes they often can't be open without risking liability.
On the IP side, some people really care about keeping firmware proprietary. Leaving JTAG in a mode that is meaningful for debugging that firmware will pretty much completely destroy that. So if you super duper care, you sometimes put clauses in your contracts holding the integrator or OEM responsible if your firmware leaks.
Regarding a race condition, yeah. It's pretty common for devices to come up open, then harden up-- and not just for JTAG. It's also not unique to the register-setting approach.
Almost all modern embedded and non-embedded platforms do not actually have fuses (or separate flash area) for HW configuration and instead boot in some fixed and somewhat sane hardware state and all the "fuse setting" is done by software on each boot.
Typically the "sane hardware state" means enough to execute firmware instructions from somewhere and have some scratchpad RAM. Interesting approaches to this include modern x86 system which boot into state that could not be reasonably described as "sane" (no RAM, MMU preloaded with configuration that should not be normally possible...) and various RISC implementations that boot by loading initial contents of various registers and on-die caches from external serial PROM (which is essentially same way as how FPGA's are configured).
Some industries are under various requirements not to be user-modifiable. Some of those requirements are uncommonly applied or are uncertain (wifi routers), but some have serious teeth (export controlled munitions). For devices in those classes they often can't be open without risking liability.
On the IP side, some people really care about keeping firmware proprietary. Leaving JTAG in a mode that is meaningful for debugging that firmware will pretty much completely destroy that. So if you super duper care, you sometimes put clauses in your contracts holding the integrator or OEM responsible if your firmware leaks.
Regarding a race condition, yeah. It's pretty common for devices to come up open, then harden up-- and not just for JTAG. It's also not unique to the register-setting approach.