A hardware restriction (sometimes called hardware DRM) is content protection enforced by electronic components. The hardware restriction scheme may complement a digital rights management system implemented in software.
Some examples of hardware restriction are SIM locks in mobile phones, High-bandwidth Digital Content Protection, and Trusted Computing technology. Hardware restrictions are imposed on such information appliances as video game consoles, smart phones, tablet computers, Macintosh computers, and personal computers that implement secure boot.
Instances of hardware restriction
Upgradeable Intel processors
Some devices implement a feature called "verified boot", "trusted boot" or "secure boot", which will only allow signed software to run on the device, usually from the device manufacturer. This is considered a restriction unless users either have the ability to disable it or have the ability to sign the software.
Apple's iOS devices (iPhone, iPad, iPod touch, and Apple TV) require signatures for firmware installation, intended to verify that only the latest official firmware can be installed on those devices. Official firmware allows third-party software to be installed only from the App Store.
If a device only runs software approved by the hardware vendor, and a certain version of a free software program is allowed to run on the device, the user cannot exercise the rights he theoretically has, because he cannot install modified versions.
Another case of trusted boot is the One Laptop per Child XO laptop which will only boot from software signed by a private cryptographic key known only to the OLPC non-profit organisation and the respective deployment authorities such as Education Ministries. Laptops distributed directly by the OLPC organisation provide a way to disable the restrictions, by requesting a "developer key" unique to that laptop, over the Internet, waiting 24 hours to receive it, installing it, and running the firmware command "disable-security". However some deployments such as Uruguay deny requests for such keys. The stated goal is to deter mass theft of laptops from children or via distribution channels, by making the laptops refuse to boot, making it hard to reprogram them so they will boot and delaying the issuance of developer keys to allow time to check whether a key-requesting laptop had been stolen.
Certified Windows 8 hardware will require secure boot. Soon after the feature was announced, September 2011, it caused widespread fear it would lock-out alternative operating systems. In January 2012, Microsoft confirmed it would require hardware manufacturers to enable secure boot on Windows 8 devices, and that x86/64 devices must provide the option to turn it off while ARM-based devices must not provide the option to turn it off. According to Glyn Moody, at ComputerWorld, this "approach seems to be making it hard if not impossible to install GNU/Linux on hardware systems certified for Windows 8".
- http://www.hpl.hp.com/techreports/2003/HPL-2003-110.pdf HP Laboratories
- Want an iPhone? Beware the iHandcuffs - New York Times
- Apple brings HDCP to a new aluminum MacBook near you
- Intel wants to charge $50 to unlock stuff your CPU can already do - Engadget
- Intel + DRM: a crippled processor that you have to pay extra to unlock - Boing Boing
- Intel: Sandy Bridge's Insider is not DRM - Computerworld
- Intel Claims DRM'd Chip Is Not DRM, It's Just Copy Protection | Techdirt
- Is Intel Insider Code for DRM in Sandy Bridge? | PCMag.com
- Intel's Sandy Bridge sucks up to Hollywood with DRM - The Inquirer
- Windows 8 secure boot could complicate Linux installs
- Windows 8 secure boot to block Linux - Hardware - News - ZDNet Australia
- Is Microsoft Blocking Linux Booting on ARM Hardware? - Open Enterprise
- An Introduction to Tivoization by The Linux Information Project (LINFO)