Life cycle ownership: Just like handling hazmat in industrial processes is considered the ownership of the entity using the materials, so too should the waste stream resulting from the end of life of the product. Encourage products that are easy to dis-assemble into mostly parts that can be usefully recycled (used by someone else!)
TCO and Right to Repair assistance. All service manuals and instructions should be public domain. Parts with various cryptographic keys and enclaves must also be serviceable by future end users; physical access (and possibly installed jumpers or other easily replaced parts) to reset and enroll in a new security domain must be part of the design. (I would like to see PCs ship with a 'jumper' connected to a physical key position. Enabling that jumper would E.G. allow BIOS updates, including changing the installed / enabled list of allowed signing authorities, including locally provided options. Empower the end user.)
Firmware blobs for the various chips on a product should also be submitted to the copyright office(s) and ownership of the product constitutes a valid license to obtain a new copy of the blob (for programming / replacement of any chips).
> I would like to see PCs ship with a 'jumper' connected to a physical key position. Enabling that jumper would E.G. allow BIOS updates, including changing the installed / enabled list of allowed signing authorities, including locally provided options. Empower the end user
This would make most users never update their BIOSes, even for security fixes.
Life cycle ownership: Just like handling hazmat in industrial processes is considered the ownership of the entity using the materials, so too should the waste stream resulting from the end of life of the product. Encourage products that are easy to dis-assemble into mostly parts that can be usefully recycled (used by someone else!)
TCO and Right to Repair assistance. All service manuals and instructions should be public domain. Parts with various cryptographic keys and enclaves must also be serviceable by future end users; physical access (and possibly installed jumpers or other easily replaced parts) to reset and enroll in a new security domain must be part of the design. (I would like to see PCs ship with a 'jumper' connected to a physical key position. Enabling that jumper would E.G. allow BIOS updates, including changing the installed / enabled list of allowed signing authorities, including locally provided options. Empower the end user.)
Firmware blobs for the various chips on a product should also be submitted to the copyright office(s) and ownership of the product constitutes a valid license to obtain a new copy of the blob (for programming / replacement of any chips).