Computer hardware manufacturers often differentiate products based on what features are supported or provided by a given system. For example, a networking vendor could offer a series of networking switches with different capabilities for routing or managing network traffic. In such a case, the number of active switch ports may specified in a licensing agreement with the end user. Similarly, what quality-of-service, security or traffic shaping features are enabled in such a networking device may depend on what model an end user purchases. Similarly still, for rack mounted server systems, the number of systems supported by a chassis may depend what model an end user purchases. As one additional example, the features enabled for an appliance or other turn-key system may be varied based the features a user is willing to pay for.
At the same time, in each of these examples, the underlying computing hardware may be virtually (if not completely) identical. Doing so frequently allows the hardware manufacturer to lower manufacturing costs. In such cases, the hardware vendor may use software or firmware to enable and disable different features of a given computing device. For example, a BIOS, operating system or application software installed on the computing device may be used to configure different versions or models of the underlying platform. However, this approach leaves a computing device vulnerable to so-called “upgrade attacks,” where an end user enables dormant capabilities of a computing device by modifying the software used to configure that device. Several cases have occurred where BIOS and OS level code has been modified to circumvent licensing and/or authentication checks done in software. These modifications result in counterfeit, illegally upgraded or otherwise maliciously modified hardware or software being injected into the market.
Further, in some cases the modifications have been made not by an ultimate end-user, but by a channel partner reselling computing devices to end-users. For example, consider two versions of a given networking system, one which sells for $10,000.00 and one which sells for $2,000.00. Assume a reseller modifies one of the $2,000 systems to enable the features of the $10,000.00 system and then sells it to an unsuspecting customer for $7,000.
Not only does such a transaction cost the hardware manufacture substantial revenue, it creates a variety of other problems. For example, the manufacturer may deny the purchaser with the support provided to legitimate purchases of the more expensive system. Similarly, should the system fail, the end-user would likely be denied warranty protection when the unauthorized modification came to light. Thus, these attacks can have a significant impact both directly on the hardware manufacturer's bottom line through direct revenue loss, but also through loss of brand value.