eFuse: Droid’s Digital “Kill-Switch”
As I mentioned yesterday, Motorola has really ticked off developers and power users, but the ramifications of just how tightly they’ve locked down their newest Android-powered phones are just now coming to light.
If you want to load a custom ROM onto an Android phone you have to “unlock the bootloader”. But Motorola doesn’t want you to be able to do that on their phones. In fact, they have even installed another chip in their hardware that monitors the bootloader’s code, and locks down the phone if it’s changed from what it expects.
The chip in question is called “eFuse”. Just like its name implies, this chip acts as a sort of “electronic fuse” and “trips” when it determines the bootloader has been changed (or “tampered with”). The only way to “reset” the fuse that we know of is via tools that are only available through Motorola.
Can you imagine if Dell or HP installed a chip on their machines that would make sure that you weren’t installing another OS on their hardware? If your computer came with Vista, and you tried to install Windows 7 or Linux, too bad, now you can’t even boot up your computer.
It sounds crazy when it’s put that way, but for some reason when you put it in the context of a phone it somehow becomes acceptable? I don’t think so, do you?
I’m certain that it’s only a matter of time before some enterprising developer figures out how to “bypass” eFuse, or “trick” it into thinking everything is “stock”, which would allow a custom ROM to be loaded.
But that brings up a bigger concern: the DMCA, or Digital Millennium Copyright Act. The DMCA sounds like a good law, it simply updates the U.S.’s copyright laws to apply to digital technologies… or so the RIAA and MPAA want you to think. In reality it makes a felon out of anyone who even attempts to circumvent an encryption system. That’s right, even attempting to circumvent an encryption scheme.
(This loathsome piece of legislation was introduced by Utah’s Orrin Hatch — my Senator, who refused to comment on the bill prior to its passage, despite my repeated calls for him to withdraw it — but that’s fodder for another post on another website entirely.)
I don’t know exactly how the eFuse chip works, but I doubt it has a copy of the entire bootloader code stored on it. Instead, it likely stores some kind of hash (like MD5) of the bootloader.
“Hashing” something means using a mathematical algorithm to convert a large amount of data (a file, for example) into a smaller, representative value. Comparing the “hash” to the original file will essentially tell you if the file has changed — even adding an extra space to the end of a file will change its hash value.
There’s the problem: even simply spoofing an MD5 checksum to bypass eFuse could be seen as “circumventing an encryption scheme” and would therefore be a violation of the DMCA.
Meaning, even if the Droid X (or one of its brothers) gets a custom ROM cooked for it, just booting up a custom ROM (and bypassing eFuse) could make every single end-user a Federal felon. Even trying to install a custom ROM could turn a power-user into a Federal felon.
Is it likely you’ll have bespectacled gentleman in black suits and ties show up on your doorstep? Not likely. But that doesn’t mean that you haven’t violated a Federal law.
If you’re not in the U.S., you might think none of this applies to you. You’re wrong.
A whole bunch of countries around the world have signed copyright and “intellectual property” treaties with one another which state that they will respect each other’s copyright laws — including the the U.S.’s DMCA.
Other websites are calling for an outright boycott of Motorola phones.
My official recommendation? Don’t buy one until you understand what you’re giving up — and are okay with doing it.