Microsoft’s Xbox and Surface hardware may be getting easier to repair, according to a press release from shareholder advocacy nonprofit As You Sow. According to the announcement, Microsoft has agreed to evaluate and expand the repair options for its products “by the end of 2022.”
The promises are a bit vague for now, but hopefully this will have a real-world impact.
They are getting better, however Microsoft is also victim of recent trends.
For example, Series X is highly repairable (7/10):
https://www.ifixit.com/Teardown/Xbox+Series+X+Teardown/138451
If you just plan to clean up the dust, it is actually not bad… for a home entertainment device; and should be a very quick job.
Surface on the other hand, used to have glued on screens that need very careful handling. And just replacing the screen is listed to be very hard, 1-2 hours process:
https://www.ifixit.com/Guide/Microsoft+Surface+Pro+7+Screen+Replacement/133912
It received a 1/10 on reparability: https://www.ifixit.com/Teardown/Microsoft+Surface+Pro+7+Teardown/128004
Yes the RAM is soldered, and SSD has special shielding. Ouch.
So, this is a very welcome step. I wish these glued screens and soldered components craze is only temporary, and manufacturers build actually serviceable devices.
Vote with your wallet. If the corporations can’t sell irreparable devices, they’ll stop making them.
Well, I already kinda do. But when your choices are between “bad” and “worse”, it does not always help.
sukru,
I was going to say the same thing. I frequently have gripes about purchasing into such closed/restrictive products, yet I reluctantly end up having to because many markets aren’t that competitive. Without sufficient competition, voting with your wallet becomes ineffective. It assumes there’s good competition, which is why it’s so important that healthy markets have competition.
Unfortunately though governments keep allowing markets to consolidate and evolve to the point of oligopolies, duopolies, and monopolies. All the power/wealth/resources end up in too few hands at the expense of choice and competition. And on top of that they often can use network effects to render new competition non-viable. Voting with wallets can’t correct this as long as the majority of us are under their network effects. Open & neutral standards are a good way to nullify negative network effects, but here again the incumbents have the power to steer us away from open standards to benefit themselves rather than society.
Alfman,
Yes, the competition does not always work. Or rather gives us things like “e-Machines” by going in the wrong direction.
As long as at least one manufacturer is willing to cut costs, say by bundling McAfee/Symantec/Whatever security, others have to do the same. And then this builds up, until customers take notice at last, and Microsoft starts selling clean versions of these machines.
Even going “premium” does not help here. Only manufacturers being too greedy, and people being fed up helps.
But, I think for this particular case (being able to repair devices), there seems to be finally some real hope.
sukru,
I agree, it’s good to have companies talking about productive changes for consumers and the environment…we just have to see whether they are truly committed to it or if it’s just lip service. Things have gotten really bad, we need a lot more progress on this front just to undo the industry wide regressions not just in tech but also appliances, etc.
“iPhone 13 A Repair Nightmare – Teardown and Repair Assessment”
https://www.youtube.com/watch?v=8s7NmMl_-yg
Repair-ability should NOT be the domain of niche products, it needs to become the norm. All products that aren’t repairable, especially by design, should receive a failing grade.
That’s the common American bullshit response.
“Don’t buy” doesn’t work when millions of non-IT-savvy people will buy it anyway, and when you don’t have any options anyway. Having to settle for decade-old hardware for hypothetically a bit easier screen replacement isn’t a realistic choice.
Besides the physical ease of replacement doesn’t guarantee actually easy replacement, if you are unable to get your hands on spare parts which probably will be quick to go out-of-stock for these obscure technical experiments.
I will switch sides, and play the devil’s advocate for this one.
There is a valid reason for non-tech-savvy people not caring about reparability. They just don’t want to pay for it.
I will give a tangent example. In the EU tech goods have two years warranty. Here it is 12 months, or sometimes less. 3 months, or even no warranty (on accessories) are common. On the other hand EU prices are usually US price + price of extended warranty. This is reflected with the 1$ = 1EUR exchange rate.
Another big driver are the large enterprises. They could care less to what happens after a three year lease ends. They will buy hardware with a three year contract, and then renew everything.
(Back to regular self).
Yes, this is less than ideal.
sukru,
People don’t care until it needs to be repaired, that’s just human nature.
https://www.cbc.ca/player/play/1346591299727
It’s a serious problem when manufacturers make non-repair-ability part of their business model, because then manufacturers are encouraged to take steps to hamper repair-ability even though it doesn’t result in a cost savings for the consumer.
@Alfman
I care. As part of my procurement decisions I look at repairability among other similar factors, and price versus upgradeability with aftermarket sourced components. I also have a habit of buying critical spare parts just in case. For my laptops I have a spare motherboard, spare keyboards, and a spare screen. For my phones I have spare charging ports and mechanical buttons, and spare manufacturer sourced batteries stored at 55% charge.
So you can imagine why I am royally annoyed about Windows 10, and 4G with 3G/2G going the way of the dodo.
HollyB,
Yeah, I understand that. Some people do think ahead and I’m like you in that regard. I should have said as a general rule most consumers don’t think about repairing something before the need to do it.
It could be. Meanwhile M$ publishes the last Windows 11 which will push a lot of people to acquire a new machine.
I was about to say the first thought in my mind when I read this news on another site was Microsoft are trumpeting right to repair while Windows 11 consigns a billion computers to the scrapheap. I get the feeling Microsoft are behaving like corporate sociopaths and just following what they believe will earn them the most money and gain the most positive PR. This is how a lot of politics has gone in the UK too. Something isn’t done because it’s the right thing or best thing nor is it thought through. They have the same lazy level of reasoning only chasing votes not money (although votes may translate indirectly into money).
If the Wintel alliance believed that strongly where is the plug compatible older CPU I can drop right in so my computers don’t need to be scrapped? Where is the pressure to get companies like Lenovo to issue updates to reverse whitelisting and implement secure boot in rom? What’s with mandating TPM 2.0? What’s wrong with TPM 1.2?
Where’s the class action against Intel for knowingly letting CPU’s with flawed designs out the door?
Where is the regulatory action against Microsoft for colluding with Intel and other IHV’s to push new product just because?
Then there are all those 4G phones which don’t do VoLTE because telecoms companies didn’t implement a common standard by choice (and Samsung are the worst for indulging this). When 3G/2G is turned off that is a lot of very capable smartphones being scrapheaped when they have the hardware to support VoLTE.
Why can’t I load Windows on my PDP-11? Why doesn’t my Amiga 1200 take Ryzen processors? Where’s the GTX 3070 for my Dell GX1?
You know as well as I do that there’s certain technical limitations that just don’t mean that older sockets can support newer processors. Historically, Intel have actually been pretty good, with things like the LGA 775 supporting processors from late P4 Netbursts to late Core2Quads, and many motherboards supporting 3+ years worth of processors with the right patches. Agreeably, in later Core i-series machines, Intel have been less inclined to keep a socket around for too long, but even now most support at least 2 generations worth of processors, which is comparable to the support the “golden age” of CPU drop-ins had, with Pentium Overdrive chips supporting 486 sockets.
Now secure boot is about the only place I think I can agree with you on. It’s a stupid idea solely designed to keep you from loading alternative OSes. I don’t mind so much when it’s optional, as it does provide a decent level of physical security, but you can fuck right off if you want to enable it by default without any way to turn it off.
Outdated algorithm, less sophisticated chip, much less flexibility. This page covers it quite nicely: https://en.wikipedia.org/wiki/Trusted_Platform_Module#TPM_1.2_vs_TPM_2.0
Intel wasn’t the only company affected. And it was an honest-to-god design flaw that no-one was aware of before the spectre/meltdown revelations. You can’t expect Intel to just cease making chips for 18 months whilst they redesign and manufacture new ones. It’s the same reason that the Ford Pinto and Chevrolet Corsair weren’t cancelled once their glaring design flaws came to light.
I don’t think you can sue a company for trying to sell something supposedly “new” and “better”. That’s generally what companies do. Sure, there’s morally ambiguous ways of doing that, but there’s companies (for example Sony and the PS3) that are going about forced obsolescence in much more damaging ways than Microsoft are. At least your Windows 10 machine won’t turn into a complete brick once MS pulls the plug on Win10.
@The123king
Actually Intel were very well aware of the Spectre/Meltdown flaws because their own engineers told them. Intel management overrode this. So where is my pin compatible drop in replacement?
As for TPM 1.2 vs TPM 2.0 that’s another load of nonsense. TPM 1.2 does the job which is to protect data at rest.
And yes throwing 4G phones under the bus because Samsung management decided they wouldn’t support VoLTE out of the box (iPhone 6 and Pixel 3 do) and telecoms vendors liked finding a way to dodge anti network lock-in laws is an abuse of market position. Regulators have been negligent by not addressing this.
So stop trolling like you’re a company shill. It gets tiring.
Actually windows 11’s TPM requirement is easily bypassable… it doesn’t require it or really any features from the last 10 years of CPU development to run.
cb88,
That’s why I feel it’s so odd for microsoft themselves to require it. It doesn’t make much sense unless they’re planning to use it for something new. I’m still leaning towards DRM.
@cb88
I’m not running a system I need to hack out of the box before it’s usable. That’s just delaying the pain as well as letting Microsoft off the hook. It’s not worth the uncertainty for a quick thrill.
TPM is fine as an option to make life easy for using Bitlocker to protect data at rest. Revving TPM requirements from 1.2 to 2.0 isn’t necessary for this. As for corporate security requirements that’s easily sorted out with security levels and defaults with big scary warnings if you turn it off. It’s not as if I allow access to all and sundry or leave laptops lying unguarded around Chinese hotel rooms.
I really do believe Microsoft management don’t have a clue what they are doing or, really, this is just to shift new hardware as part of IHV backscratching.
We’ve all seen Intel unilaterally declare itself leader of the IC market (it’s not), Google unilaterally decide to implement 2FA, and the NSA handwaving about securing VPN’s. I don’t think any of this is purely coincidental. It’s all a case of “they” want to be the big boss, “they” want your money, and “they” want your data to be “secure” at least in way which doesn’t necessarily secure it for you but secures it against their competition so not secure at all really. I mean, why has Microsoft started demanding Microsoft Accounts to install Windows on top of all the telemetry and Windows expiring if you aren’t connected to the internet?
Here’s a question. For the sake of argument let’s assume TPM 2.0 is necessary. Now why doesn’t Microsoft reciprocate and make Bitlocker an open standard and stop being a gatekeeper for secureboot keys ? At the moment Microsoft are all take, take, and take with no pushback. Overall I think this is yet another issue which should get regulators attention.
TPM 1.2 only supports SHA1. I support the TPM 2 requirement, that makes a lot of sense just for the greater support of hash algorithms. I do not trust companies to ensure that any compensating controls are actually done or correctly implemented. What do I care if some random company sucks at protecting their data? Well, in many cases that’s actually *my* data that they are supposed to be securing. TPM 2.0 and bitlocker for all windows, I’m in heavy favor of that. It would be even better if I had better control over which data was held by which companies, but that’s a pipe dream right now. Best I can hope for is that we raise the minimum bar for companies and require competent defaults.
“Why doesn’t Microsoft open Bitlocker? ”
Good question, they probably should. But still TPM 2.0 should be required.
“stop being a gatekeeper for secureboot keys”
Well, that’s more complicated. Ideally they shouldn’t be but OEMs suck. It’s nearly impossible to get them to do things out of the ordinary. Just try getting one to build an arm system with open drivers or at least the technical details required to write open drivers. Having MS be a gatekeeper is less than ideal, but a pragmatic choice that allows most motherboards to run alternative operating systems in secureboot mode with minimal fuss for the end user.
Bill Shooter of Bul,
While I understand this sentiment, the hash algorithms used by TPM don’t really reflect the hash algorithms used by applications nor those available through the microsoft SSPI API.
The main purpose of hashing in the TPM is to vouch for secure OS code. Upgrading TPM to use new crypto is fine and I’m all for it, but this will not automatically increase the security of your data, it’s just one small part of the chain and due to its relatively slow bandwidth compared to the high power CPU there’s only so much we can offload to it. TPM 2 is just a small incremental improvement, not the transformative one that it’s being made out to be. Also, the TPM 2 upgrades are already happening naturally regardless, there’s simply no need to justify coercive means.
Even bitlocker is of limited security value because servers need to be able to unlock themselves to access their files and databases legitimately. Any exploits against any of the legitimate technology stack are going to easily bypass bitlocker’s encryption. It’s by following the best practices over the years that your data is secured: hardening against cross site scripting, consistent escaping HTML, bind parameters for SQL, salt+hashed passwords, assigning daemons the least privileges necessary, security auditing, etc. The security of your data is far more dependent on best practices than the addition of a new TPM module.
Again, TPM2 is fine as a small incremental improvement, but that’s all it is. If you didn’t trust a company’s practices with your data before, TPM2 should not change your mind at all.
I have to agree with HollyB, this dependency on microsoft keys is appalling. It’s disgraceful that secureboot standard was designed without owner control in mind. Thankfully, following much criticism at the time, microsoft mandated BIOS vendors allow x86 owners to disable/change keys. But this was never incorporated into the standard, making the process for owners inconsistent and confusing. On top of this they’ve since reneged on the owner control requirement and I’ve already encountered hardware in the wild where secureboot could not be overridden such that I was not able to run alternative distros. I really hope this doesn’t become more common because this is extremely bad for alt-OS!
Owners should have the explicit right to override manufacturer keys and install the OS of their choosing and secure boot should have been designed with these rights in mind. Anything short of this is unacceptable in a healthy market.
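Added illustration (not part of any comment in this thread, and not Microsoft's or any TPM vendor's code): a simplified model of the PCR-extend operation behind the measured-boot hashing discussed above, run with the SHA-1 bank that TPM 1.2 is limited to and a SHA-256 bank as found on TPM 2.0. The component names and the `unseal_allowed` helper are constructed for the example; a real TPM uses several PCRs, an event log and policy sessions, all omitted here.

```python
import hashlib
import hmac

# Constructed stand-ins for the images measured during boot.
BOOT_CHAIN = [b"firmware-image-v1", b"bootloader-image-v1", b"kernel-image-v1"]
TAMPERED_CHAIN = [b"firmware-image-v1", b"bootloader-image-EVIL", b"kernel-image-v1"]


def pcr_extend(pcr: bytes, component: bytes, alg: str) -> bytes:
    """Extend a PCR: PCR_new = H(PCR_old || H(component)).

    The register only ever sees the digest of the component, so the
    guarantee is exactly as strong as the bank's hash algorithm.
    """
    digest = hashlib.new(alg, component).digest()
    return hashlib.new(alg, pcr + digest).digest()


def measure_chain(components, alg: str) -> bytes:
    """Replay a boot chain into a PCR that starts as all zero bytes."""
    pcr = bytes(hashlib.new(alg).digest_size)
    for component in components:
        pcr = pcr_extend(pcr, component, alg)
    return pcr


def unseal_allowed(expected_pcr: bytes, components, alg: str) -> bool:
    """Hypothetical sealing check: release a secret (e.g. a disk key)
    only if the replayed chain reproduces the PCR value recorded when
    the secret was sealed."""
    return hmac.compare_digest(expected_pcr, measure_chain(components, alg))


def summary():
    """Return per-bank results for the good and the tampered chain."""
    out = {}
    for alg in ("sha1", "sha256"):  # sha1: TPM 1.2 bank; sha256: TPM 2.0 bank
        sealed_to = measure_chain(BOOT_CHAIN, alg)
        out[alg] = {
            "pcr_bytes": len(sealed_to),
            "good_boot_unseals": unseal_allowed(sealed_to, BOOT_CHAIN, alg),
            "tampered_boot_unseals": unseal_allowed(sealed_to, TAMPERED_CHAIN, alg),
        }
    return out


if __name__ == "__main__":
    for alg, result in summary().items():
        print(alg, result)
```

Both banks reject the tampered chain here because the constructed images hash differently; the difference between the banks is only in how hard it is to find two different images with the same digest, which is the property a SHA-1 collision undermines.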
@Bill Shooter
TPM 1.2 with Bitlocker (or equivalent disk encryption) protects data at rest which is what it is designed for and it manages this task adequately assuming no backdoors in Bitlocker. Bitlocker by default in a standard Windows 10 Pro non-corporate configuration uses 128 bit AES encryption which isn’t secure against an advanced adversary. (Custom massively parallel decryption hardware plus clever reduction of entropy when guessing passwords and likely exploiting other weaknesses make 128 bits very iffy.) You have to fiddle with it to encrypt with 256 bit AES. AES is only guaranteed to be secure for data at rest not data in transit. But for data at rest TPM 1.2 and Bitlocker etcetera is more than adequate and that’s all I need to protect against.
I don’t need more than this. My machines are access controlled or if travelling never leave line of sight. I’m sure when my back is turned or if I left them switched on someone could do something but this is another set of problems.
By forcing things Windows 11 is obsoleting a perfectly adequate machine for so far unexplained theoretical advantages which add no meaningful security. Instead of obsoleting perfectly adequate hardware Microsoft could facilitate an OS security policy with differing levels which could align with certification. That or mandate new machines meet a standard. There’s no need for billionaire executives to force everyone else to buy something new just because they haven’t thought things through.
HollyB,
What is your source for this? As far as I’m aware AES is still used for top secret government classification.
Hmm…In terms of cryptographic security it doesn’t really matter that something is at rest or in transit. In general I would say it’s much more difficult to cryptographically secure a random access medium (including disks) than a sequential stream. Random access requires the ability to decrypt mid-stream, which has security implications over ephemeral key sequences that are easy to generate using one of several block chaining modes.
The main risk to us and opportunity for attackers is if we recycle keys. Recycled keys help an adversary gain additional clues about a key. So we simply avoid doing that in streaming crypto (including AES block chaining), but consider what this means for random access disk encryption. We could give every sector its own key and regenerate this key on every write. This is secure, but having additional metadata for every sector incurs a lot of overhead!
Instead let’s consider what happens with one key per megabyte (for example) and we want to write a sector? We can change the key in order to not reuse it, but now you have to read the remaining 1MB, re-encrypt it, then write it back out just to write a single sector. This could be secure, however it involves ridiculous overhead. As you can see there are a lot of tradeoffs when it comes to approaching disk encryption.
It’s adequate for many consumers. But I still accept Bill Shooter of Bul’s point about SHA1 weaknesses. Adversaries willing to spend on the order of one hundred thousand or so can realistically find SHA1 collisions.
https://www.computerworld.com/article/3173616/the-sha1-hash-function-is-now-completely-unsafe.html
It doesn’t necessarily help remote attackers attacking daemons, but it might help attackers who have taken possession of the hardware and want to trick the TPM module during its integrity checks.
We agree on this. TPM2 is already being deployed in new machines and anyone who wants it can get it. I just don’t see a great justification to force people to buy new machines for the new OS. However from microsoft’s end I think their reasoning is straightforward: they want to increase windows OEM sales after having given up a lot of sales with free windows 10 upgrades. That’s all this is. Deliberately obsoleting current computers will help them increase paying windows 11 customers.
@Alfman
There are multiple sources for this including academic papers, acknowledged experts in the field, and iirc the NSA. I don’t log citations for this topic so you will have to ask around yourself.
AES encrypts data at rest and data in transit differently. Encryption for data at rest uses a slower but more cryptographically secure AES option whereas data in transit uses a less cryptographically secure option of AES for speed. Data at rest is also a fixed amount of data whereas data in transit is intermittent chunks of arbitrary data hence the different methodologies and weaknesses. When encrypting data at rest versus data in transit AES uses slightly different cryptographic techniques. Only data at rest encrypted by 256 bit AES is guaranteed secure because AES for data in transit uses slightly weaker encryption methods. Data in transit is typically time sensitive so is secure for most people most of the time for most purposes but may not withstand a well resourced adversary hence is less than 100% secure.
As you can see you got your understanding of AES the wrong way around.
Also key re-use or leaking keys is a topic in itself.
Please also bear in mind the default consumer level of Bitlocker security is 128 bit not 256 bit. In the real world various techniques can be used to lower the effective entropy of the key which puts AES 128 somewhat under 90 bits of entropy or even lower with advanced techniques which gives Bitlocker with this AES option an effective level of security within the DES range.
As I have already noted massively parallel custom hardware applying advanced techniques will outperform any cluster of generic hardware by orders of magnitude so you have to bear in mind the measuring stick a world class intelligence agency has and the measuring stick the general population have are different enough to alter general perceptions of security. You can find leaked procurement documents for an early GCHQ-NSA prototype online somewhere.
As for SHA1 it’s a red herring. If data at rest is encrypted with AES 256 they don’t have a chance of cracking it and that’s why access control is a topic all of its own.
HollyB,
I’m afraid the onus of backing your claims is yours and not mine. You should already know by now that I’m going to call you out for using trumpian arguments with no evidence. (By extension I should know by now that you always respond in an evasive manner, but here I am hoping this time would be different).
This is false.
The AES cipher (of a given bit length) is identical regardless of application.
https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture8.pdf
While technically you can use a non-standard number of rounds, everything I’ve read about bitlocker suggests they use the AES standard and not a custom variant. So unless you can prove otherwise, I believe bitlocker uses the same AES standard as everyone else.
I think you are under the mistaken impression that AES-256 is only used for disk encryption, whereas AES-128 is used in network traffic. Have a look at the section “What encryption techniques were supported by legacy web browsers?” which shows that AES-256 has been an option for TLS encrypted traffic for decades.
https://luxsci.com/blog/256-bit-aes-encryption-for-ssl-and-tls-maximal-security.html
Say what you will, but at least I’m willing to link sources to back claims.
That’s right, the bitlocker default is AES-128.
https://docs.microsoft.com/en-us/mem/autopilot/bitlocker
Given that you acknowledge this, it baffles me why you think the AES used for disk encryption is slower and more secure…?
I encourage you to link sources that we can discuss.
Granted hashes and ciphers are used in different applications, so they aren’t directly comparable. Even so it’s worth noting that SHA1 has been publicly broken whereas neither AES-128 nor AES-256 have been yet and are still used for classified government secrets.
@Alfman
Sorry but I’m commenting in good faith and disengaging as you’re getting things well messed up.
Go and read up on AES encryption modes and do some background research and go looking for sources and expertise I have indicated because this is what and whom I am quoting from memory. Also take a closer look at Bitlocker mode selection as iirc it points out what mode it is using. If not it’s in the documentation somewhere. I’ll let you find it yourself.
I’ve already told you I don’t log citations for this topic area. I’m not spending half an hour looking for something just to get “Uh, thanks” and for it to disappear into a black hole. Been there enough times.
HollyB,
So you won’t back your claims, big surprise there.
I’m already familiar with the subject and is why I can confidently say you are wrong. Your claims about data in transit versus at rest do not add up. I’ve already shown that AES-128/256 ciphers are both used for networking and disk encryption. At the very least your assertions need more credible evidence like I’ve been asking for. I want to give you every chance to prove your points, but you’ve been consistent in not providing any evidence at all.
Hence why it’s a trumpian argument, asserted as fact yet void of all substance when pressed.
@Alfman
It’s nothing to do with backing up claims! I’m not your secretary. Do your own legwork!
HollyB,
I’ve responded to your points and I have provided sources. But when it comes to defending your claims, the burden of proof is yours alone.
@Alfman
OS News takes up less than 0.5% of my time. I’m not your employee. I owe you neither expertise for free nor citations or anything else on my time. I have a bigger life beyond a tech forum.
Data can be messy. I don’t always get everything right but that doesn’t mean I’m wrong either. Only this week I had to unravel conflicting academic papers and conflicting experts advice on my time when I shouldn’t have had to and that has involved a few hours of background reading. Why? That’s my project. You wouldn’t give it an hour if you even knew where to start.
Simply, you’re not a priority.
HollyB,
You’re right, you have every right not to back your assertions using sources or verifiable facts. It’s your prerogative. But it’s also my prerogative to call you out on unbacked assertions.
That’s fine. This is one of those cases: disk encryption does not use stronger AES ciphers than those used for network encryption. You don’t have to admit it, but I actually think that I’ve already convinced you.
The irony is that you do care enough to make it into an issue that you then dig into with statements like “There are multiple sources for this including academic papers, acknowledged experts in the field…”. Has making up sources ever worked for you? Seriously it doesn’t come across as convincing at all when somebody calls your bluff and you don’t even have a single source. Maybe next time you can use real sources…or not. It’s your prerogative.