by mkopec 751 days ago
I firmly believe that permanent key fusing to lock bootloaders should be outlawed. At the very least the keys (and schematics) should be released once the device reaches EOL.

Otherwise we're just manufacturing e-waste.


Agreed. We really need some sort of regulation that prevents companies from bricking devices they sold. It's just so unethical, and wasteful, to put these devices out there and then just turn them into trash.
It should be required from day one. This tying of specific user-environment software to hardware is a straightforward antitrust issue, and frankly should never have been allowed to fester as long as it has.

The industry should be made to move to security models that don't revolve around baking in manufacturer-privileged keys (verification or attestation). Internal groups developing any default user-environment software should have to stay at an arms length from the hardware team, and only be using published documentation.

Or just stop this nonsense of needing updates to keep things working, which then allows updates that break things.

Have proper standards how music is transmitted. Have devices support those standards. Have those standards be long-running.

Any connected device NEEDS continual updates in order to continue to be secure.

This is particularly true of internet connected devices, but is also true for IoT devices that only connect to the internet indirectly. Security holes get found, if you can't patch and update devices in the field then you are leaving your customers unprotected.

> Any connected device NEEDS continual updates in order to continue to be secure.

And I feel that updates are being abused too much by device makers now:

-allows making devices worse, say "optimizing" the UI e.g. to make you spend more time in the parts they (not necessarily the user) want you to see

-allows releasing half-finished games since they can just be updated later anyway

-allows breaking old functionality for whatever reason

-allows the device makers to choose when to do the update rather than the user, say just when you want to start playing a game

It's a shame there's no less invasive way to ensure devices are secure. It sure is convenient for the device makers that the solution to security also gives them continuous control over your device's features and when you can actually use it

There is security and there is cargo cult. "unprotected" really depends on what the user is using the device for, what the vulnerabilities are, and what's the worst thing someone with total root level access to the device can actually do.

If the device is using a read-only firmware, has a secure boot chain of trust, lives behind a firewall and only makes outgoing connections, the risk is very limited. You can't directly connect to it, so your only option is to tamper with traffic in transit and exploit some buffer overflow in how it parses replies to its requests - that's already a very targeted attack that's really hard to scale, and with an intact secure/trusted boot chain it still means you can't persist so you'd need to redo this every time the device is rebooted.

And finally, assuming you manage to do all the above, what's the payoff? For a "Car Thing", the payoff is quite limited. I guess you can blast obnoxious music at full volume against the user's wishes?
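The tamper-in-transit scenario in the comment above, as an added C example that is not part of the original thread: a toy device whose settings block holds a fixed 32-byte track title followed by a volume byte, a hypothetical "TRACK:<title>\n" reply format, a parser that copies however many bytes the reply implies, and the bounds-checked version beside it. The settings layout, the reply format, the sample replies and every function name here are assumptions made for illustration, not anything taken from the Car Thing firmware or Spotify's protocol.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

/* Toy model of a device settings block (constructed for this example):
 * bytes 0..31 hold the current track title, byte 32 holds the output
 * volume (0..100). Both live in one flat array so the overflow below is
 * still well-defined C and its effect can be observed directly. */
#define TITLE_LEN 32
#define VOLUME_OFF TITLE_LEN
#define SETTINGS_LEN (TITLE_LEN + 1)

struct device_state {
    uint8_t settings[SETTINGS_LEN];
};

static void device_init(struct device_state *d) {
    memset(d->settings, 0, sizeof d->settings);
    d->settings[VOLUME_OFF] = 20;   /* the user chose a quiet volume */
}

int device_volume(const struct device_state *d) { return d->settings[VOLUME_OFF]; }

/* Hypothetical wire format of a server reply: "TRACK:" + title + '\n'.
 * Someone tampering with traffic in transit controls title bytes and length. */
static const char *find_title(const char *reply, size_t reply_len, size_t *title_len) {
    static const char prefix[] = "TRACK:";
    size_t plen = sizeof prefix - 1;
    if (reply_len < plen || memcmp(reply, prefix, plen) != 0) return NULL;
    const char *start = reply + plen;
    const char *nl = memchr(start, '\n', reply_len - plen);
    if (!nl) return NULL;
    *title_len = (size_t)(nl - start);
    return start;
}

/* Vulnerable parser: trusts the length implied by the reply. The clamp to
 * SETTINGS_LEN only keeps the toy model inside its array; a real device
 * would overwrite whatever sits after the title field. */
int parse_reply_vulnerable(struct device_state *d, const char *reply, size_t reply_len) {
    size_t tlen;
    const char *t = find_title(reply, reply_len, &tlen);
    if (!t) return -1;
    if (tlen > sizeof d->settings) tlen = sizeof d->settings;
    memcpy(d->settings, t, tlen);         /* never compared against TITLE_LEN */
    return 0;
}

/* Hardened parser: reject anything that does not fit, leaving room for NUL. */
int parse_reply_hardened(struct device_state *d, const char *reply, size_t reply_len) {
    size_t tlen;
    const char *t = find_title(reply, reply_len, &tlen);
    if (!t) return -1;
    if (tlen >= TITLE_LEN) return -2;     /* byte 32 is never touched */
    memcpy(d->settings, t, tlen);
    d->settings[tlen] = '\0';
    return 0;
}

/* Constructed malicious reply: 32 filler bytes, then one byte that lands
 * exactly on the volume field (100 = full volume), then the terminator. */
static size_t build_malicious_reply(char *buf) {
    const char *p = "TRACK:";
    size_t n = strlen(p);
    memcpy(buf, p, n);
    memset(buf + n, 'A', TITLE_LEN);
    n += TITLE_LEN;
    buf[n++] = 100;
    buf[n++] = '\n';
    return n;
}

int demo_vulnerable_volume(void) {
    struct device_state d; char buf[64];
    device_init(&d);
    size_t n = build_malicious_reply(buf);
    parse_reply_vulnerable(&d, buf, n);
    return device_volume(&d);             /* 100: attacker set full volume */
}

int demo_hardened_rc(void) {
    struct device_state d; char buf[64];
    device_init(&d);
    size_t n = build_malicious_reply(buf);
    return parse_reply_hardened(&d, buf, n);   /* -2: oversized title rejected */
}

int demo_hardened_volume(void) {
    struct device_state d; char buf[64];
    device_init(&d);
    size_t n = build_malicious_reply(buf);
    parse_reply_hardened(&d, buf, n);
    return device_volume(&d);             /* still 20 */
}

/* A benign reply must parse identically in both versions. */
int demo_benign_ok(void) {
    struct device_state a, b;
    const char reply[] = "TRACK:Song\n";
    device_init(&a); device_init(&b);
    int ra = parse_reply_vulnerable(&a, reply, sizeof reply - 1);
    int rb = parse_reply_hardened(&b, reply, sizeof reply - 1);
    return ra == 0 && rb == 0 && memcmp(a.settings, "Song", 4) == 0 &&
           strcmp((const char *)b.settings, "Song") == 0 && device_volume(&b) == 20;
}

int main(void) {
    printf("vulnerable parser: volume after tampered reply = %d\n", demo_vulnerable_volume());
    printf("hardened parser:   rc = %d, volume = %d\n", demo_hardened_rc(), demo_hardened_volume());
    printf("benign reply ok in both: %d\n", demo_benign_ok());
    return 0;
}
```

The state lives only in RAM here, which matches the comment's persistence point: with a read-only image and an intact boot chain the clobbered volume byte is gone at the next reboot, and the attacker has to win the race against traffic again.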

It's not just security, but simple functionality too. Connected devices rely on remote services, by definition. Those services' APIs will change and get deprecated over time. At the very least, you need to keep clients up-to-date to conform to those API changes.
I would argue that connected devices should only rely on your services - otherwise how do you know that they're not going away?

And if they're your services then you can maintain their stability.

"Your services" aren't entirely yours. Practically speaking, no one builds systems entirely from scratch. A service likely has remote dependencies too, some of which will trickle down to the clients of your service. For Spotify specifically, they rely on SSO providers and third-party payments services; if those APIs change, then the client will likely require updates even though Spotify didn't change anything in their own core functionality.
I have never updated my ethernet switches. Ever.
Doesn't sound like it's an update that bricks them, though the article is a bit confusing on that point. Sounds to me like they broke the API (or just blocked this particular User-Agent)
Situation: there are now 15 competing music streaming standards.
FM and AM were only 2 and were long running
EU legislation on power chords gave us micro-USB phones, when USB-C could have been a better option, but a real solution would be let consumers decide inputs/outputs.
Micro-USB was legislated years ago when each phone had a different charger plug. Currently the standard is USB-C. I also suspect that the EU only mandates a charging & plug standard but it's up to the industry to choose one.
A regulation requiring companies to "let consumers decide inputs/outputs" would be much more burdensome than merely standardizing one specific connector per ~decade. With the compactness of modern devices, they'd basically have to spin a new board for every connector type a consumer might want. But you're right - it would be kind of neat if I could have Google make me a new Pixel 8 with the bespoke data connector from my old SPH-A580, so I'd finally once again have a use for that cable that's just sitting around in a box. This is what you meant, right?
Yup, or alternately mandate a standard and incorporate the charging port into an open-source case, or some such.
> EU legislation on power chords

Regular major and minor chords were unaffected though :)

(I actually started reading this comment as a pun, as in "The EU can regulate music streaming - they already regulated power chords", and that made me smile)

I thought the same thing and was going to reply before I saw your comment. I wonder if there’s a term for typos/mis-spellings that form an unintended word or phrase that still makes sense for that particular context.

https://en.wikipedia.org/wiki/Power_chord

Whatever it is, it needs to be a pun on "oak trees", because they're _eggcorns_ that grew up.
This is a fascinating misunderstanding of history. Were you not around when phones all had unique, non USB charging cables? It was a nightmare trying to charge a phone or device if you forgot your charger.
The EU legislation will require USB-C, not micro USB
> but a real solution would be let consumers decide inputs/outputs.

When trillion-dollar companies consider a serial connector to be a proprietary and DRM-enabled apparatus I think the "real solution" is precluded by entirely unnecessary corporate greed.

Realistically how many people are going to bother reflashing their devices? This case is exceptional because it was EOLed so early, but for the typical phone that reaches EOL in 2 years I doubt more than 1% of people are going to make use of this ability.
It's a chicken and egg problem. There isn't much firmware being developed for these devices because there is no easy path for users to install them.

If installing alternative/third-party firmware becomes easy and normalized, there will also be more options to choose from, because it will actually become worthwhile for people/companies to develop said firmware.

I think if the process was made easy, it would save quite a bit more than 1% of these devices from the landfill, assuming you have enough power users to build a community. Plenty of people flash their chromebooks to MrChromebox UEFI to give them a new life, because it's easy enough for mere mortals, and because Google doesn't lock them down.

I believe if given the tools, people would gladly donate their time to make something fun with it. Heck, that's what I do in my spare time. But it's impossible if everything is completely locked down, as if a music streaming box contains nuclear launch codes that must be protected at all costs.

People? Not that many. Companies? Quite a few.

If you have an easy way to flash any phone and plenty of firmware available, it makes sense to turn flashing into a business. Buy used phones off people who don't need them any more, reflash them with a newer and debloated Android, and then sell them off for more than you got them for.

This would very quickly lead to abuses though. If PC OEMs are bad, imagine what a small mom-and-pop shop, subject to a lot less scrutiny and having much less respect for the law could do.

You are saying you can reduce e-waste by whole integer percent with a simple bit of legislation? That's a clear win.
>You are saying you can reduce e waste by whole integer percent with a simple bit of legislation?

Well no, because not all e-waste is devices that you can conceivably reflash. For instance a monitor equals at least 10 phones in terms of e-waste volume, but I doubt legislation like this is going to make a dent in monitor e-waste. The proposal only realistically makes a difference for computing devices with short EOL periods and locked bootloaders, so basically phones and tablets.