The National Academies Press

Currently Skimming:

7 Updates in the Consumer Electronics Industry
Pages 42-46

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 42... ... He described the challenges involved in building and securing consumer electronics, including the use of off-the-shelf components, business-side considerations at play, and a variety of technical factors. Drewry explained that the products he has worked on typically include an operating system and an application layer on a physical device such as a phone or laptop, although these products have a variety of update strategies. Read the entire page →
From page 43... ... Mobile or device processor vendors layer software on top of a chip -- that may itself be modified or adapted, creating an opening for problems. A few years ago, for example, Intel released microcode updates that could inadvertently alter instruction codes, causing some alarm. Read the entire page →
From page 44... ... Key management is also necessary to keep updates secure, but that brings in more people, more technology, and enormous expenses, "just to get a modicum of assurance," Drewry noted. Because companies want their customers to use the updates, it is also important to carefully manage how and when they are deployed; updates can't be so frequent that users ignore them, and they can't cause frustrating instabilities. Read the entire page →
From page 45... ... Windows 10 recently added the "Windows Trusted Boot." Older TiVo devices used to rely on the kernel to check that certain key files had not been altered, and Google is constantly checking all the software signatures and configurations every time a device is restarted, not just when software is first loaded. ADDITIONAL TECHNICAL COMPLEXITIES Rollback protection, a mechanism to prevent the system from reverting to an older version of the software, raises additional challenges, Drewry said. Read the entire page →
From page 46... ... Is there a way, he wondered, to build in special protections to keep a device from being penetrated on its very first startup? Drewry expressed agreement that initial startup could present added vulnerabilities, offering as an example the story of Chromebooks that were manufactured in large numbers and then ultimately sold by resellers up to 2 years later. Read the entire page →

From page 42...

... He described the challenges involved in building and securing consumer electronics, including the use of off-the-shelf components, business-side considerations at play, and a variety of technical factors. Drewry explained that the products he has worked on typically include an operating system and an application layer on a physical device such as a phone or laptop, although these products have a variety of update strategies.

Read the entire page →

From page 43...

... Mobile or device processor vendors layer software on top of a chip -- that may itself be modified or adapted, creating an opening for problems. A few years ago, for example, Intel released microcode updates that could inadvertently alter instruction codes, causing some alarm.

Read the entire page →

From page 44...

... Key management is also necessary to keep updates secure, but that brings in more people, more technology, and enormous expenses, "just to get a modicum of assurance," Drewry noted. Because companies want their customers to use the updates, it is also important to carefully manage how and when they are deployed; updates can't be so frequent that users ignore them, and they can't cause frustrating instabilities.

Read the entire page →

From page 45...

... Windows 10 recently added the "Windows Trusted Boot." Older TiVo devices used to rely on the kernel to check that certain key files had not been altered, and Google is constantly checking all the software signatures and configurations every time a device is restarted, not just when software is first loaded. ADDITIONAL TECHNICAL COMPLEXITIES Rollback protection, a mechanism to prevent the system from reverting to an older version of the software, raises additional challenges, Drewry said.

Read the entire page →

From page 46...

... Is there a way, he wondered, to build in special protections to keep a device from being penetrated on its very first startup? Drewry expressed agreement that initial startup could present added vulnerabilities, offering as an example the story of Chromebooks that were manufactured in large numbers and then ultimately sold by resellers up to 2 years later.

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

7 Updates in the Consumer Electronics Industry Pages 42-46

7 Updates in the Consumer Electronics Industry
Pages 42-46