| |||||||||||||
The ColorHug adds a remote disable "feature"The ColorHug adds a remote disable "feature"Posted Jan 12, 2012 9:09 UTC (Thu) by michaeljt (subscriber, #39183)In reply to: The ColorHug adds a remote disable "feature" by epa Parent article: The ColorHug adds a remote disable "feature"
> Or indeed the device could be shipped without firmware, which becomes available (as a download locked to a particular serial number) once you've confirmed that you received the device.
Or require the device to be enabled. The device comes with some alternative one-time locked firmware, and you have to confirm reception to get the key. Devices shipped with a postal service that confirms reception could be sent unlocked, so that people get to choose between paying a little more or taking a little initial inconvenience.
(Log in to post comments)
The ColorHug adds a remote disable "feature" Posted Jan 12, 2012 17:12 UTC (Thu) by dashesy (subscriber, #74652) [Link] This sounds an interesting idea! borrowing from the idea of locked and signed kernel but actually giving customers the real ownership. On the other hand, I believe any remote-control feature is only a counter marketing for the average Joe user, a likely non-geek photographer or hobbyist.
Just name it "security feature"... Posted Jan 12, 2012 17:42 UTC (Thu) by khim (subscriber, #9252) [Link] Well, credit cards are handled like that and Joe user knows how to use them, so... Note: to make ColorHug less attractive for thiefs it's shipped in factory disabled form. It must be activated before use (link will be provided in confirmation letter). This process is similar to activation of credit card, but fully automatic (no need to call the bank representative and discuss details of your family life). Activation process also ensues that your device is new and was not used by anyone before.
Just name it "security feature"... Posted Jan 12, 2012 18:04 UTC (Thu) by dashesy (subscriber, #74652) [Link]
I am actually agreeing with the idea, I think remote-enable (with or without involvement of internet) is a much better idea than remote-disable. If a device is locked with no (or limited?) functionality, and I can enter per-unit generated S/N by hand (got by email or phone) or do verification over internet or phone and become white-listed to do an update, I for one will purchase it. But knowing that my device can talk to the manufacturer behind my back, and disclose anything (even if S/N) I will never run the GUI. Maybe I am paranoid, but it is similar to the Windows Genuine Advantage at best, which is a privacy concern. I trust open source better on this but argument is the same.
The ColorHug adds a remote disable "feature" Posted Jan 12, 2012 18:31 UTC (Thu) by bronson (subscriber, #4806) [Link]
> The device comes with some alternative one-time locked firmware, and you have to confirm reception to get the key.
Interesting idea, sounds workable. I wonder about licensing... Presumably that initial firmware must not contain any GPLv3 components?
The ColorHug adds a remote disable "feature" Posted Jan 12, 2012 19:52 UTC (Thu) by michaeljt (subscriber, #39183) [Link]
> Presumably that initial firmware must not contain any GPLv3 components?
From "A Quick Guide to GPLv3"[1]:
"Distributors are still allowed to use cryptographic keys for any purpose, and they'll only be required to disclose a key if you need it to modify GPLed software on the device they gave you."
So presumably if the person denies receiving the device and demands a refund, giving up their right to it, then the GPLv3 doesn't require you to give them the key?
|
|||||||||||||