Qualcomm: Difference between revisions

(2 intermediate revisions by the same user not shown)

Line 18:

===Restrictions on software modifications===

Qualcomm employs mechanisms in their Snapdragon SoCs that prevent users from running their own code or modifying firmware or operating system code on their devices. Such mechanisms include Secure Boot where each boot stage authorizes the next stage establishing a "chain of trust". On power-on, the SoC executes the Primary Boot Loader (PBL), stored in immutable read-only memory (ROM) etched on the silicon die making it physically impossible to modify. PBL loads and authorizes the eXtended Boot Loader (XBL), which in turn loads and authorizes the next stage which can be another bootloader or the operating system, all of which are stored in rewritable flash memory. The SoC contains a set of one-time programmable (OTP) electronic fuses within the SoC, which store cryptographic signing keys along with other parameters such as enabling Secure Boot and debugging flags. The signing keys are generated by Qualcomm and the device OEM and are used by the various boot stages to verify images loaded from flash memory. The keys are not provided to the end user, preventing any modifications to the software images.

Qualcomm employs mechanisms in their Snapdragon SoCs that prevent users from running their own code or modifying firmware or operating system code on their devices. Such mechanisms include [[Secure boot|Secure Boot]] where each boot stage authorizes the next stage establishing a "chain of trust". On power-on, the SoC executes the Primary Boot Loader (PBL), stored in immutable read-only memory (ROM) etched on the silicon die making it physically impossible to modify. PBL loads and authorizes the eXtended Boot Loader (XBL), which in turn loads and authorizes the next stage which can be another bootloader or the operating system, all of which are stored in rewritable flash memory. The SoC contains a set of one-time programmable (OTP) electronic fuses within the SoC, which store cryptographic signing keys along with other parameters such as enabling Secure Boot and debugging flags. The signing keys are generated by Qualcomm and the device OEM and are used by the various boot stages to verify images loaded from flash memory. The keys are not provided to the end user, preventing any modifications to the software images.

A technical paper by Qualcomm<ref>[https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/secure-boot-and-image-authentication.pdf Secure Boot and Image Authentication Technical Overview], ''Qualcomm Technologies Inc.'', Retrieved 2025-10-08 ([http://web.archive.org/web/20260125214228/https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/secure-boot-and-image-authentication.pdf Archived])</ref> details the Secure Boot mechanism and clarifies the entities allowed to authorize software running on the end device:

Line 27:

Several entities are listed as being stakeholders in the final product, while no mention of the end user is made.

===TOS change after ~~acquistion~~ of [[Arduino]]===

===TOS change after acquisition of Arduino===

On October 2025, Qualcomm acquired Arduino for an undisclosed amount, Shortly after this acquisition, the Terms of Use and Privacy Policy for Arduino was modified in a way that harmed consumers.

On October 2025, Qualcomm acquired [[Arduino]] for an undisclosed amount, Shortly after this acquisition, the Terms of Use and Privacy Policy for Arduino was modified in a way that harmed consumers.

The following is an incomplete list of these changes:

Line 34:

*Introduction of an irrevocable, perpetual license granted to [[Qualcomm]] over all user-uploaded content

*Surveillance-style monitoring implemented for AI features

*Surveillance-style monitoring implemented for [[Artificial intelligence|AI]] features

*Patent infringement identification clause preventing users from identifying potential patent violations

Line 42:

*Global data integration of all user data (including minors' data) into Qualcomm's ecosystem

== Products ==

==Products==

@@ Line 18: / Line 18: @@
 ===Restrictions on software modifications===
-Qualcomm employs mechanisms in their Snapdragon SoCs that prevent users from running their own code or modifying firmware or operating system code on their devices. Such mechanisms include Secure Boot where each boot stage authorizes the next stage establishing a "chain of trust". On power-on, the SoC executes the Primary Boot Loader (PBL), stored in immutable read-only memory (ROM) etched on the silicon die making it physically impossible to modify. PBL loads and authorizes the eXtended Boot Loader (XBL), which in turn loads and authorizes the next stage which can be another bootloader or the operating system, all of which are stored in rewritable flash memory. The SoC contains a set of one-time programmable (OTP) electronic fuses within the SoC, which store cryptographic signing keys along with other parameters such as enabling Secure Boot and debugging flags. The signing keys are generated by Qualcomm and the device OEM and are used by the various boot stages to verify images loaded from flash memory. The keys are not provided to the end user, preventing any modifications to the software images.
+Qualcomm employs mechanisms in their Snapdragon SoCs that prevent users from running their own code or modifying firmware or operating system code on their devices. Such mechanisms include [[Secure boot|Secure Boot]] where each boot stage authorizes the next stage establishing a "chain of trust". On power-on, the SoC executes the Primary Boot Loader (PBL), stored in immutable read-only memory (ROM) etched on the silicon die making it physically impossible to modify. PBL loads and authorizes the eXtended Boot Loader (XBL), which in turn loads and authorizes the next stage which can be another bootloader or the operating system, all of which are stored in rewritable flash memory. The SoC contains a set of one-time programmable (OTP) electronic fuses within the SoC, which store cryptographic signing keys along with other parameters such as enabling Secure Boot and debugging flags. The signing keys are generated by Qualcomm and the device OEM and are used by the various boot stages to verify images loaded from flash memory. The keys are not provided to the end user, preventing any modifications to the software images.
 A technical paper by Qualcomm<ref>[https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/secure-boot-and-image-authentication.pdf Secure Boot and Image Authentication Technical Overview], ''Qualcomm Technologies Inc.'', Retrieved 2025-10-08 ([http://web.archive.org/web/20260125214228/https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/secure-boot-and-image-authentication.pdf Archived])</ref> details the Secure Boot mechanism and clarifies the entities allowed to authorize software running on the end device:
@@ Line 27: / Line 27: @@
 Several entities are listed as being stakeholders in the final product, while no mention of the end user is made.
-===TOS change after acquistion of [[Arduino]]===
+===TOS change after acquisition of Arduino===
-On October 2025, Qualcomm acquired Arduino for an undisclosed amount, Shortly after this acquisition, the Terms of Use and Privacy Policy for Arduino was modified in a way that harmed consumers.
+On October 2025, Qualcomm acquired [[Arduino]] for an undisclosed amount, Shortly after this acquisition, the Terms of Use and Privacy Policy for Arduino was modified in a way that harmed consumers.
 The following is an incomplete list of these changes:
@@ Line 34: / Line 34: @@
 *Introduction of an irrevocable, perpetual license granted to [[Qualcomm]] over all user-uploaded content
-*Surveillance-style monitoring implemented for AI features
+*Surveillance-style monitoring implemented for [[Artificial intelligence|AI]] features
 *Patent infringement identification clause preventing users from identifying potential patent violations
@@ Line 42: / Line 42: @@
 *Global data integration of all user data (including minors' data) into Qualcomm's ecosystem
-== Products ==
+==Products==
 {{Ph-C-P}}