Hi, All, Is there any way to protect the binary image in flash chip from being copied? Once the customers gets the image, they can produce millions of board and do not tell me. I just want to know the amount of the mass production.
OTP seems to be a way, but it is not 100%. The data in OTP is readable and can be copied to a new chip's OTP erea.
Do you guys have any more suggestion?
Zheng
Don't you feel ashamed to ask coreboot, a free firmware project, for copy protection techiques?
On Fri May 6 08:45:51 2016 Zheng Bao fishbaoz@hotmail.com wrote:
Hi, All, Is there any way to protect the binary image in flash chip from being copied? Once the customers gets the image, they can produce millions of board and do not tell me. I just want to know the amount of the mass production.
OTP seems to be a way, but it is not 100%. The data in OTP is readable and can be copied to a new chip's OTP erea.
Do you guys have any more suggestion?
Zheng
coreboot mailing list: coreboot@coreboot.org https://www.coreboot.org/mailman/listinfo/coreboot
I don't protect my source. I gave the source to customers. I just want to protect binary. Customer doesnt know how to build.
In a business, customer dont tell the correct production amount as what is wrote in the contract. It is not my fault.
________________________________
From: persmule@gmail.com To: fishbaoz@hotmail.com; coreboot@coreboot.org Subject: Re: [coreboot] How to protect binary in flash chip? OTP? Date: Fri, 6 May 2016 10:41:44 +0800
Don't you feel ashamed to ask coreboot, a free firmware project, for copy protection techiques?
On Fri May 6 08:45:51 2016 Zheng Bao <fishbaoz@hotmail.commailto:fishbaoz@hotmail.com> wrote:
Hi, All, Is there any way to protect the binary image in flash chip from being copied? Once the customers gets the image, they can produce millions of board and do not tell me. I just want to know the amount of the mass production.
OTP seems to be a way, but it is not 100%. The data in OTP is readable and can be copied to a new chip's OTP erea.
Do you guys have any more suggestion?
Zheng
-- coreboot mailing list: coreboot@coreboot.orgmailto:coreboot@coreboot.org https://www.coreboot.org/mailman/listinfo/coreboot
Sorry for my rudeness, but I do not believe copy protection, or any form of immoral Digital Restriction Management is able to be a solution to count products.
On Fri May 6 11:39:54 2016 Zheng Bao fishbaoz@hotmail.com wrote:
I don't protect my source. I gave the source to customers. I just want to protect binary. Customer doesnt know how to build.
In a business, customer dont tell the correct production amount as what is wrote in the contract. It is not my fault.
From: persmule@gmail.com To: fishbaoz@hotmail.com; coreboot@coreboot.org Subject: Re: [coreboot] How to protect binary in flash chip? OTP? Date: Fri, 6 May 2016 10:41:44 +0800
Don't you feel ashamed to ask coreboot, a free firmware project, for copy protection techiques?
On Fri May 6 08:45:51 2016 Zheng Bao <fishbaoz@hotmail.commailto:fishbaoz@hotmail.com> wrote:
Hi, All, Is there any way to protect the binary image in flash chip from being copied? Once the customers gets the image, they can produce millions of board and do not tell me. I just want to know the amount of the mass production.
OTP seems to be a way, but it is not 100%. The data in OTP is readable and can be copied to a new chip's OTP erea.
Do you guys have any more suggestion?
Zheng
-- coreboot mailing list: coreboot@coreboot.orgmailto:coreboot@coreboot.org https://www.coreboot.org/mailman/listinfo/coreboot
DRM methods cannot "protect" anything. They can only do harm to end users.
For example, I believe end users have the right to back up the content of the flash chip, in order to reflash it back once the content of the flash gets broken, just as we do when developing coreboot, which will become impossible if copy protection is applied.
As you have said, the problem seems only lying between you and some hardware vendors. I suggest you not let it harm end users of your code.
Please forgive my arrogence, but please, do not harm end users.
On Fri May 6 12:17:51 2016 Persmule persmule@gmail.com wrote:
Sorry for my rudeness, but I do not believe copy protection, or any form of immoral Digital Restriction Management is able to be a solution to count products.
On Fri May 6 11:39:54 2016 Zheng Bao fishbaoz@hotmail.com wrote:
I don't protect my source. I gave the source to customers. I just want to protect binary. Customer doesnt know how to build.
In a business, customer dont tell the correct production amount as what is wrote in the contract. It is not my fault.
From: persmule@gmail.com To: fishbaoz@hotmail.com; coreboot@coreboot.org Subject: Re: [coreboot] How to protect binary in flash chip? OTP? Date: Fri, 6 May 2016 10:41:44 +0800
Don't you feel ashamed to ask coreboot, a free firmware project, for copy protection techiques?
On Fri May 6 08:45:51 2016 Zheng Bao <fishbaoz@hotmail.commailto:fishbaoz@hotmail.com> wrote:
Hi, All, Is there any way to protect the binary image in flash chip from being copied? Once the customers gets the image, they can produce millions of board and do not tell me. I just want to know the amount of the mass production.
OTP seems to be a way, but it is not 100%. The data in OTP is readable and can be copied to a new chip's OTP erea.
Do you guys have any more suggestion?
Zheng
-- coreboot mailing list: coreboot@coreboot.orgmailto:coreboot@coreboot.org https://www.coreboot.org/mailman/listinfo/coreboot
2016-05-06 6:49 GMT+02:00 Persmule persmule@gmail.com:
DRM methods cannot "protect" anything. They can only do harm to end users.
That's an interesting statement for a political outreach discussion group (although the relevant activist groups probably beat that particular horse to death several times over.) Please note that coreboot@ isn't that kind of place.
To go back to the original question, any such approach fails here (at least on somewhat regular x86/arm designs on the market):
The data in OTP is readable
Since the CPU needs to read the flash at some point, you can't avoid it to read it (without breaking the legitimate use case). Sounds circular - because it is. The only scheme that could allow you to figure out sales numbers would be some remote attestation scheme - but they'd need to be interested in using it in the first place (plus, there's the assumption that the device is networked).
Regards, Patrick
On Thu, May 5, 2016 at 8:39 PM, Zheng Bao fishbaoz@hotmail.com wrote:
I don't protect my source. I gave the source to customers. I just want to protect binary. Customer doesnt know how to build.
In a business, customer dont tell the correct production amount as what is wrote in the contract.
I think Patrick is correct when he mentioned that the only way to get the information is with remote attestation. But that can become complicated and if the customer is determined they may break the scheme.
Can you describe the business model in more detail? It appears that you have a royalty-based agreement with the customer, but the customer is being dishonest. Maybe others have a better idea of what kind of business arrangements can work better in the future - Upfront payment for porting, time-based support contract, etc.
On Thu, May 5, 2016 at 7:54 PM Persmule persmule@gmail.com wrote:
Don't you feel ashamed to ask coreboot, a free firmware project, for copy protection techiques?
Zheng Bao has nothing to be ashamed of, he made at least 187 commits to coreboot from 2008 to 2015 -- and they were not simple ones by any means.
Your comment is unfair.
ron
-
David Hendricks -
Patrick Georgi -
Persmule -
ron minnich -
Zheng Bao