Protection for Unauthorized Firmware and Software Upgrades to Consumer Electronic Devices
Abstract
A firmware or software update, patch, or upgrade image is authenticated by forcing its checksum to match a pre-determined value. The pre-determined value is known by a consumer electronic device in advance of propagating the image for installation. Upon propagation, the device determines a checksum value of the received image, and compares the checksum value to the pre-determined expected authenticity value. If they match, the image is installed. In an optional feature, the image is executed by the device and modifies the pre-determined checksum value to a next value, which is also shared or known by the image server. In this variation, no two images have the same expected value, and unauthorized images may be rejected for installation.
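A sketch of the flow the abstract describes, added here as an example and not taken from the patent. It assumes the checksum is CRC-32 (the abstract names no algorithm) and a constructed image layout whose first four bytes carry the next expected value; `force_checksum`, `build_image` and `Device` are hypothetical names.

```python
import zlib

POLY = 0xEDB88320  # reflected CRC-32 polynomial, as used by zlib

def _make_table():
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ POLY if c & 1 else c >> 1
        table.append(c)
    return table

TABLE = _make_table()
# Every table entry has a unique top byte, so the CRC register can be run backwards.
TOP_TO_INDEX = {v >> 24: i for i, v in enumerate(TABLE)}

def force_checksum(preliminary: bytes, expected: int) -> bytes:
    """Server side: append 4 bytes so that crc32(result) == expected."""
    state = expected ^ 0xFFFFFFFF               # register value required at the end
    indices = []
    for _ in range(4):                          # walk back over the 4 suffix bytes
        i = TOP_TO_INDEX[state >> 24]
        indices.append(i)
        state = ((state ^ TABLE[i]) << 8) & 0xFFFFFFFF
    reg = zlib.crc32(preliminary) ^ 0xFFFFFFFF  # register after the image body
    suffix = bytearray()
    for i in reversed(indices):                 # walk forward, choosing each byte
        suffix.append((reg ^ i) & 0xFF)
        reg = (reg >> 8) ^ TABLE[i]
    return preliminary + bytes(suffix)

def build_image(payload: bytes, next_expected: int, expected: int) -> bytes:
    # Constructed layout (assumption): 4-byte big-endian next value, then payload.
    return force_checksum(next_expected.to_bytes(4, "big") + payload, expected)

class Device:
    """Device side: holds the expected value known in advance."""
    def __init__(self, expected: int):
        self.expected = expected
        self.installed = []

    def receive(self, image: bytes) -> bool:
        if len(image) < 8 or zlib.crc32(image) != self.expected:
            return False                        # mismatch: image is not installed
        self.installed.append(image[4:-4])      # payload without header and suffix
        self.expected = int.from_bytes(image[:4], "big")  # roll to the next value
        return True
```

CRC-32 is an unkeyed checksum, so the comparison separates builders who know the current expected value from those who do not; it is not a signature over the image.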
20 Claims
1. A method for indicating to a consumer electronic device that a firmware update image is authorized by a software update server comprising:
- retrieving by a software update server an expected authorization checksum value corresponding to a specific class of consumer electronic devices;
- determining one or more modifications to a preliminary firmware or software update, patch, or upgrade image to force a checksum collision with the retrieved expected authorization checksum value;
- modifying the preliminary firmware or software update, patch, or upgrade image according to the determined one or more modifications; and
- propagating the modified firmware or software update, patch, or upgrade image to consumer electronic devices in the class of consumer electronic devices.
(Dependent claims: 2, 3, 4, 5)
6. A computer program product for indicating to a consumer electronic device that a firmware update image is authorized by a software update server comprising:
- one or more tangible, computer memory devices;
- first computer instructions for retrieving by a software update server an expected authorization checksum value corresponding to a specific class of consumer electronic devices;
- second computer instructions for determining one or more modifications to a preliminary firmware or software update, patch, or upgrade image to force a checksum collision with the retrieved expected authorization checksum value;
- third computer instructions for modifying the preliminary firmware or software update, patch, or upgrade image according to the determined one or more modifications; and
- fourth computer instructions for propagating the modified firmware or software update, patch, or upgrade image to consumer electronic devices in the class of consumer electronic devices;
- wherein the first, second, third and fourth computer instructions are stored by the one or more tangible computer memory devices.
(Dependent claims: 7, 8, 9, 10)
11. A system for indicating to a consumer electronic device that a firmware update image is authorized by a software update server comprising:
- an update server having a logical processor;
- a retriever portion of the update server for retrieving an expected authorization checksum value corresponding to a specific class of consumer electronic devices;
- a determiner portion of the update server for determining one or more modifications to a preliminary firmware or software update, patch, or upgrade image to force a checksum collision with the retrieved expected authorization checksum value;
- a code modifier portion of the update server for modifying the preliminary firmware or software update, patch, or upgrade image according to the determined one or more modifications; and
- a propagator portion of the update server for propagating the modified firmware or software update, patch, or upgrade image to consumer electronic devices in the class of consumer electronic devices.
(Dependent claims: 12, 13, 14, 15)
16. A computer program product for indicating to a consumer electronic device that a firmware update image is authorized by a software update server, the computer program product prepared by a process comprising:
- disposing onto one or more tangible, computer memory devices;
- first computer instructions for retrieving by a software update server an expected authorization checksum value corresponding to a specific class of consumer electronic devices;
- second computer instructions for determining one or more modifications to a preliminary firmware or software update, patch, or upgrade image to force a checksum collision with the retrieved expected authorization checksum value;
- third computer instructions for modifying the preliminary firmware or software update, patch, or upgrade image according to the determined one or more modifications; and
- fourth computer instructions for propagating the modified firmware or software update, patch, or upgrade image to consumer electronic devices in the class of consumer electronic devices.
(Dependent claims: 17, 18, 19, 20)
Specification