A hardware restriction (sometimes called hardware DRM) is content
protection enforced by electronic components. The hardware restriction
scheme may complement a digital rights management system implemented
in software. Some examples of hardware restriction information
appliances are video game consoles, smart phones, tablet computers,
Macintosh computers and personal computers that implement secure
1 Instances of hardware restriction
1.1 Upgradeable processors
1.2 Intel Insider
1.3 Verified/trusted/secure boot
1.4 Android devices
1.5 Apple devices
1.8 Secure boot
1.9 Solaris Verified Boot
2 See also
4 External links
Instances of hardware restriction
Some Intel processors are sold with some features "locked", that can
later be unlocked after payment.
Note that this is not unique to Intel. Some models of IBM's System 370
mainframe computer had additional hardware included, that if the
customer paid the additional charge,
IBM would send out a service
engineer to enable it, typically by cutting a resistor in the machine.
Main article: Intel HD Graphics § Intel Insider
Intel Insider, a technology that provides a "protected path" for
digital content, can be considered a form of DRM.
See also: Unified Extensible Firmware Interface § Secure boot
Some devices implement a feature called "verified boot", "trusted
boot" or "secure boot", which will only allow signed software to run
on the device, usually from the device manufacturer. This is
considered a restriction unless users either have the ability to
disable it or have the ability to sign the software.
Some Android devices come with the bootloader locked.
See also: SHSH blob, iOS jailbreaking, and Cydia § iOS
Apple's iOS devices (iPhone, iPad, iPod Touch, and Apple TV) require
signatures for firmware installation, intended to verify that only the
latest official firmware can be installed on those devices. Official
firmware allows third-party software to be installed only from the App
Main article: Tivoization
If a device only runs software approved by the hardware vendor, and
only a certain version of a free software program is allowed to run on
the device, the user cannot exercise the rights he theoretically has,
because he or she cannot install modified versions.
Another case of trusted boot is the
One Laptop per Child
One Laptop per Child XO laptop
which will only boot from software signed by a private cryptographic
key known only to the OLPC non-profit organisation and the respective
deployment authorities such as Education Ministries. Laptops
distributed directly by the OLPC organisation provide a way to disable
the restrictions, by requesting a "developer key" unique to that
laptop, over the Internet, waiting 24 hours to receive it, installing
it, and running the firmware command "disable-security". However some
deployments such as Uruguay deny requests for such keys. The
stated goal is to deter mass theft of laptops from children or via
distribution channels, by making the laptops refuse to boot, making it
hard to reprogram them so they will boot and delaying the issuance of
developer keys to allow time to check whether a key-requesting laptop
had been stolen.
See also: Safety and Security in Windows 8
Windows 8 hardware requires secure boot. Soon after the
feature was announced, September 2011, it caused widespread fear it
would lock-out alternative operating systems. In
January 2012, Microsoft confirmed it would require hardware
manufacturers to enable secure boot on
Windows 8 devices, and that
x86/64 devices must provide the option to turn it off while ARM-based
devices must not provide the option to turn it off. According to
Glyn Moody, at ComputerWorld, this "approach seems to be making it
hard if not impossible to install GNU/Linux on hardware systems
certified for Windows 8".
Solaris Verified Boot
Oracle Solaris 11.2 has a Verified Boot feature, which checks the
signatures of the boot block and kernel modules. By default it is
disabled. If enabled, it can be set to "warning" mode where only a
warning message is logged on signature failures or to "enforce" mode
where the module is not loaded. The Solaris elfsign(1) command inserts
a signature into kernel modules. All kernel modules distributed by
Oracle have a signature. Third-party kernel modules are allowed,
providing the public key certificate is installed in firmware (to
establish a root of trust).
Homebrew (video games)
^ http://www.hpl.hp.com/techreports//2003/HPL-2003-110.pdf HP
^ Want an iPhone? Beware the iHandcuffs - New York Times
^ Apple brings HDCP to a new aluminum Mac
Book - Ars Technica
^ Intel wants to charge $50 to unlock stuff your CPU can already do -
^ Intel + DRM: a crippled processor that you have to pay extra to
unlock - Boing Boing
^ Intel: Sandy Bridge's Insider is not DRM - Computerworld
^ Intel Claims DRM'd Chip Is Not DRM, It's Just Copy Protection
Intel Insider Code for DRM in Sandy Bridge? PCMag.com
^ Intel's Sandy Bridge sucks up to Hollywood with DRM - The Inquirer
^ "[Sugar-devel] Is Project Ceibal violating the GNU General Public
License?". lists.sugarlabs.org. Retrieved 2016-09-24.
^ Hacking; Security; Cybercrime; Vulnerability; Malware; Lacoon, Check
Point snaps up mobile security outfit; users, Fake Pirate Bay site
pushes banking Trojan to WordPress; Lebanon, Mystery 'Explosive'
cyber-spy campaign traced back to. "
Windows 8 secure boot would
'exclude' Linux". Retrieved 2016-09-24.
Windows 8 secure boot could complicate Linux installs
Windows 8 secure boot to block Linux - Hardware - News - ZDNet
^ Staff, OSNews. "
Windows 8 Requires Secure Boot, May Hinder Other
Software". www.osnews.com. Retrieved 2016-09-24.
^ a b Is Microsoft Blocking Linux Booting on ARM Hardware? - Open
Enterprise Archived 2012-03-09 at the Wayback Machine.
^ Solaris Verified Boot
An Introduction to
Tivoization by The Linux Information Project
Free and open-source software
Alternative terms for free software
Comparison of open-source and closed-source software
Comparison of source code hosting facilities
Free software project directories
Gratis versus libre
Open-source software development
Content management systems
Free software movement
Open-source software movement
Software Foundation License
Comparison of free and open-source software licenses
Contributor License Agreement
Definition of Free Cultural Works
The Open Source Definition
Permissive software licence
Digital rights management
Mozilla software rebranding
The Cathedral and the Bazaar
Microsoft Open Specification Promise