2016-05-06 6:49 GMT+02:00 Persmule persmule@gmail.com:
DRM methods cannot "protect" anything. They can only do harm to end users.
That's an interesting statement for a political outreach discussion group (although the relevant activist groups probably beat that particular horse to death several times over.) Please note that coreboot@ isn't that kind of place.
To go back to the original question, any such approach fails here (at least on somewhat regular x86/arm designs on the market):
The data in OTP is readable
Since the CPU needs to read the flash at some point, you can't avoid it to read it (without breaking the legitimate use case). Sounds circular - because it is. The only scheme that could allow you to figure out sales numbers would be some remote attestation scheme - but they'd need to be interested in using it in the first place (plus, there's the assumption that the device is networked).
Regards, Patrick