Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Damaging the hardware is a bit of an overstatement. What people are calling fuses isn't really a fuse in the traditional sense. An eFuse usually is just write once memory. All the limiting features are implemented in software which reads out the state of this memory.


Correct me if I'm wrong, but once the eFuse is triggered (which, if it's write-only memory, still involves a physical change that could be interpreted as damage), it's effectively unfixable without replacing the whole motherboard, reflashing it with your original serial number, IMEI, etc. At least that's what I recall from reading about it - Samsung service can "reset" the Knox lock-out, but they do it by replacing the whole board.

In other words: there's no way for me to just take the phone to my workshop / local hackerspace, and fix it with a soldering iron. Even if I could source the right parts, it's going to be a PITA to make them work. I didn't investigate it further, but I assume that these days, cryptography is used for critical parts to attest each other as genuine (similar to what new iPhones do, which is why you can't just replace the "home" button if it breaks).

Additionally, since I haven't heard of people doing software workarounds, whatever in Knox is reading the state of the eFuse, cannot be trivially patched. I recall reading somewhere that triggering the eFuse somehow overwrites Knox itself - if that's correct, then they may not even be anything left to enable afterwards.

----

I'm going to concede here that my example was somewhat hyperbolic - burning a single eFuse isn't the same as overvolting the whole GPU. But only somewhat - the reasoning/intent behind the two cases is the same. Additionally, cryptography blurs the line between what's hardware damage and what's a software limitation. Take, for example, secure erasure of data: you can smash a hard drive with a sledgehammer and then microwave the remains to slag, but you can get the same result by keeping the data encrypted, and then... losing the keys.


This entire comment is irrelevant. The Knox fuse only matters if you're flashing the stock rom back. Only the stock rom actually cares about Knox. The custom roms all ignore the value from Knox or simply spoof it. In other words it's just punishing you for daring to flash a custom ROM.


If someone goes to the trouble of implementing an efuse, they will also implement the check in the hardware so it can't be bypassed. An easy example is optical drives with fixed numbers of region switches that refuse at the hardware level to read discs from the wrong region and also refuse at the hardware level to switch regions once all the fuses have been blown.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: