by asciilifeform 2924 days ago
Why lie to the public? Pulling the battery does enable rewrite, by the user, of the AP ROM, but not the Cr50 -- the latter remains Tivoized. And every owner of this machine can verify this with his own hands, it is not even necessary to build the USB debug cable.

The Cr50 accepts firmware updates at all times, but only when signed with Google's RSA key.

1 comments
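An added example, not code from this thread or from Google's Cr50, showing the gate that both this comment and the later "firmware updateable, but not for you" reply describe: the device pins one vendor public key and loads an update image only if the image's digest carries a valid RSA signature under that key. The image bytes, key sizes, and function names here are assumptions made for illustration; nothing below is Cr50 code.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Constructed stand-in for an update image; not real firmware.
const firmwareImage = "hypothetical firmware image v1.2 (constructed bytes)"

// ErrBadSignature is the only answer the device gives to an image it will not load.
var ErrBadSignature = errors.New("update rejected: signature does not verify against pinned vendor key")

// signImage is the vendor-side step: hash the image and sign the digest with
// the vendor's private key (RSA PKCS#1 v1.5 over SHA-256, an illustrative choice).
func signImage(priv *rsa.PrivateKey, image []byte) ([]byte, error) {
	digest := sha256.Sum256(image)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// acceptUpdate is the device-side check. The only trust anchor is pinnedPub,
// which the owner can read but not change. Anyone can build an image; only
// the holder of the matching private key can build one that passes.
func acceptUpdate(pinnedPub *rsa.PublicKey, image, sig []byte) error {
	digest := sha256.Sum256(image)
	if err := rsa.VerifyPKCS1v15(pinnedPub, crypto.SHA256, digest[:], sig); err != nil {
		return ErrBadSignature
	}
	return nil
}

// Result records the three cases a practitioner would want to see.
type Result struct {
	VendorAccepted   bool // vendor-signed image, unmodified
	OwnerAccepted    bool // same image, signed with the owner's own key
	TamperedAccepted bool // vendor-signed image with one byte flipped after signing
}

// demo generates a vendor key (pinned in the device) and an owner key (which the
// device has never heard of) and runs each case through acceptUpdate.
func demo() (Result, error) {
	var r Result
	vendorKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return r, err
	}
	ownerKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return r, err
	}
	pinned := &vendorKey.PublicKey
	image := []byte(firmwareImage)

	// Case 1: release signed by the vendor.
	vendorSig, err := signImage(vendorKey, image)
	if err != nil {
		return r, err
	}
	r.VendorAccepted = acceptUpdate(pinned, image, vendorSig) == nil

	// Case 2: the owner rebuilds the same image and signs it with a key they control.
	ownerSig, err := signImage(ownerKey, image)
	if err != nil {
		return r, err
	}
	r.OwnerAccepted = acceptUpdate(pinned, image, ownerSig) == nil

	// Case 3: a vendor-signed image patched after signing (one byte changed).
	tampered := append([]byte(nil), image...)
	tampered[0] ^= 0x01
	r.TamperedAccepted = acceptUpdate(pinned, tampered, vendorSig) == nil

	return r, nil
}

func main() {
	r, err := demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("vendor-signed: %v, owner-signed: %v, tampered: %v\n",
		r.VendorAccepted, r.OwnerAccepted, r.TamperedAccepted)
}
```

The point of running all three cases is that the second one fails for the same reason the third does: the device is not checking who is holding the screwdriver, it is checking a key the owner does not have. Physical write-enable (pulling a battery, a debug cable) changes nothing about that check unless it also lets the owner replace the pinned key.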

> Why lie to the public?

I don't, and TBH I don't find your writing style (of which this is an example) very engaging.

Cr50 is a replacement for the old TPM. It has approximately the same constraints as the Infineon TPM used in the past: firmware updateable, but not for you.

[edit to add: would a mechanism to disable the update mechanisms, at the price of "no warranty", since RMA becomes impossible, be acceptable to you? Or would you suspect that there's another update mechanism anyway?]

> Pulling the battery does enable rewrite

Pulling the battery is non-trivial on a device like Pixel C, hence a new mechanism.

My current alternative appears to be to desolder the Cr50 and fabricate harmless replacements (to e.g. init 3.3v rail).

So naturally voids warranties.

> firmware updateable, but not for you

Finally, honesty. It's a Tivo.

The Infineon couldn't force a boot ROM update via USB-C.

> firmware updateable, but not for you

Like the Infineon before it.