Why Computers Lacking Built-In Embeddable Storage Lack Real Security
The debate over whether computers should have embedded, soldered storage for the operating system is as old as the devices themselves. This discussion often revolves around the supposed benefits of enhanced security, points that stem from a misunderstanding of what constitutes real security. It is important to clarify that fixing the issue of hardware-based security through soldered storage is not the solution.
Understanding the Concept of Embedded Storage
Embedded storage refers to flash memory chips soldered onto the motherboard of a device, making them permanently fixed and non-replaceable. This concept is often seen in mobile devices like iPhones and Android smartphones, where the storage is tightly integrated into the device's hardware, which can provide some advantages in security and performance. However, the same cannot be said for computers due to various practical and security reasons.
Security in Embedded Storage: A Misunderstanding
One of the primary arguments in favor of embedded storage is that it enhances security by locking the hardware together with the UEFI and BitLocker storage mechanisms. While this idea sounds promising, it misconstrues what constitutes a robust security system. Security is not just about the hardware, but also about software, hardware mechanisms, and user control over the system.
Is There a Difference?
Modern mobile devices use Non-Volatile Memory Express (NVMe) connections for their storage, similar to the replaceable NVMe M.2 storage devices in larger computers. This means that there is no fundamental difference between having embedded storage and replaceable storage from a performance or security standpoint. Mobile devices have their flash storage connected over NVMe to ensure better performance and to mimic the structure of larger computers.
The Role of RPMB Storage in TEE
One argument that supporters of embedded storage often make is the use of Read-Protected Memory Block (RPMB) storage as part of the Trusted Execution Environment (TEE). However, this feature is merely a firmware implementation and does not provide a true hardware security mechanism. RPMB is more of a crutch than an integral part of the hardware root of trust. The concept of a hardware root of trust is about the security of the firmware, software, and boot process, not just the physical integration of storage.
The Issue of Degradation and Reliability
One of the most critical arguments against non-replaceable storage is the issue of degradation over time. Consumer-grade flash storage is prone to failing due to wear and tear. This is particularly problematic in devices that require high durability and reliability, such as servers. Enterprise-grade NVMe SSDs, which can handle three drive writes per day (DWPD), come at a premium price, often hundreds of dollars per terabyte, and must still be replaceable to ensure system reliability and maintenance.
Vendor Lock-in and Right to Repair
The idea of embedding storage is met with resistance from many who argue against vendor lock-in. This is the concept that customers are locked into proprietary systems that cannot be easily repaired, upgraded, or modified by the user. The notion that security should be used as an excuse to deny users their right to repair their devices is fundamentally flawed. There are legitimate ways to increase security without making storage non-replaceable.
Conclusion
In conclusion, making all storage built-in, whether through soldering or permanent attachment, is not a valid solution for enhancing security. The security measures needed go beyond mere hardware integration and require a combination of robust software, firmware, and user control. Making storage non-replaceable can lead to significant issues and does not provide the real security benefits that users need.
Computer manufacturers must balance the need for security with the practical aspects of maintenance, repair, and user control. As the debate continues, it is crucial to look for solutions that enhance security without compromising the principles of user freedom and device reliability.