I don't really mean about the toothbrush. I mean, why is it legal for NXP to make chips that permanently brick instead of just factory resetting when too many wrong passwords are tried?
Because it's a feature customers ask for? What laws do you want written? How "secure" am I allowed to make my product before the Feds come a-knockin'?
And what does a "factory reset" accomplish? The hacker trying to get company IP (or whatever the password is protecting) gets three more attempts at it after the reset?
Finally, and I'm not saying this makes it okay, but e-fuses are common as dirt these days. I don't know that you're going to get that toothpaste back in the tube.
Aren't switches to temporarily bypass emissions controls in cars illegal, despite being a feature customers ask for?
> What laws do you want written?
I want all e-fuses to be banned, as well as any other means for manufacturers to permanently reduce, restrict, or remove functionality from products after they've been sold.
> How "secure" am I allowed to make my product before the Feds come a-knockin'?
If the one you're trying to make it "secure" against is the product's owner, then I'd say "not at all" would be a fine answer.
> And what does a "factory reset" accomplish? The hacker trying to get company IP (or whatever the password is protecting) gets three more attempts at it after the reset?
The point is that the factory reset would delete the company IP.
> Finally, and I'm not saying this makes it okay, but e-fuses are common as dirt these days. I don't know that you're going to get that toothpaste back in the tube.
Wasn't asbestos also as common as dirt before it was banned?
> Aren't switches to temporarily bypass emissions controls in cars illegal, despite being a feature customers ask for?
So you'd propose that we ban switches? You're saying that a microcontroller should never have a certain feature because you don't like how it has been implemented by a single company. Then you propose that nobody should have this feature ever because someone once used it to turn on a light reminding you that it's time to change your toothbrush head (and then let you brush your teeth normally with no further interruption).
I don't think your analogy holds up, nor have you thought through what you propose.
> You're saying that a microcontroller should never have a certain feature because you don't like how it has been implemented by a single company.
It's not the implementation. I don't want hardware to ever be able to permanently make itself less useful, no matter how it's done or what it's being used for.
You're making an argument that PROM, WORM, efuses, etc all shouldn't be allowed to exist. They're used for all sorts of features, not just security. You might do well to apply the lesson of Chesterton's Fence before you call for a ban on things you don't actually understand.
For legitimate cases of write-once media, it should be legal if and only if it's separate from the rest of the device and easily replaceable (e.g., a socketed chip or a DVD+R). Anywhere that write-once media is permanently attached to something else, it inevitably ends up being used for evil.
> I want all e-fuses to be banned, as well as any other means for manufacturers to permanently reduce, restrict, or remove functionality from products after they've been sold.
One thing I can think of is hardware-based security devices that disable themselves after recognizing break-in attempts.
> I want all e-fuses to be banned, as well as any other means for manufacturers to permanently reduce, restrict, or remove functionality from products after they've been sold.
I am in opposition to this stance. What you're (rightfully) concerned about is when companies do bad things with these mechanisms. But the mechanisms themselves not only have no ethical/moral problems, but are also really useful for all sorts of things that are entirely unobjectionable.
Many security applications, situations where you're providing equipment to others and want to make sure it's not modified, etc. It's not that hard to come up with legitimate uses for this.
In any case, that sort of doesn't matter. Even if there was no legitimate use for them, that doesn't in and of itself mean they should be illegal. You should at the least demonstrate that their existence is causing great societal harm.
> Many security applications, situations where you're providing equipment to others and want to make sure it's not modified, etc. It's not that hard to come up with legitimate uses for this.
Why isn't just making sure the expected private key didn't get wiped a good enough way of making sure it's not modified?
> You should at the least demonstrate that their existence is causing great societal harm.
Okay, how about that it destroys the secondhand CPU market? Once you use an AMD CPU in a Lenovo computer, it blows e-fuses to keep you from ever using it in any other brand of computer: https://news.ycombinator.com/item?id=29958247
> Why isn't just making sure the expected private key didn't get wiped a good enough way of making sure it's not modified?
What's to stop someone from extracting and restoring the private key?
> Okay, how about that it destroys the secondhand CPU market?
Sure, then how about addressing that issue rather than proposing to outlaw an entire mechanism entirely? We have a lot of things that can be misused, but (generally) only in extreme cases do we outlaw the tech itself. More usually, we have laws targeting the misuse of the tech.
> What's to stop someone from extracting and restoring the private key?
Isn't the whole point of these chips that you can't extract the private key, so that if it gets wiped, it's definitely gone forever?
> Sure, then how about addressing that issue rather than proposing to outlaw an entire mechanism entirely? We have a lot of things that can be misused, but (generally) only in extreme cases do we outlaw the tech itself. More usually, we have laws targeting the misuse of the tech.
But this particular technology doesn't seem to have any legitimate uses.
I'm inclined to take the common HN position of "trying to lock people out of modifying their own stuff is bad", however there are plenty of situations in which someone who is not the owner might access an NFC tag and try to make it do things the owner does not want it to. Bricking it seems like the nuclear option, but it's not inherently evil to offer the option of NFC tags that are both tamper-resistant and tamper-evident.
Because NXP makes this chip compliant with ISO/IEC14443, meaning it can be used in payment cards. EMV requires shit like this in their credit card NFC and I'm thankful for it.
> they take control away from the actual owners of devices
Only if they're used that way. They don't take control away from the actual owners of the devices if it's the owners who put them in there, for instance. Again, I think you're conflating the existence of a mechanism with the abuse of the mechanism. If you were just railing against the abusive uses, I'd be behind you 100%.
I just don't see why we should outlaw a common and useful mechanism entirely, rather than outlaw certain uses of that mechanism.