Computer Manufactuers Are Reluctant To Supply Technical Specs.

When you're looking to buy a computer, it's normal to be interested in what you're buying. 512GB SSD drive doesn't tell me a whole lot. I searched for this information and information was somewhat sparse on this model, so I called the manufacturer directly, being the manufacturer they should be able to provide the full technical specifications, right as they would know their own product better than anyone?

Well, it was very strange, and there is something seriously wrong about the results of this conversation. I wanted to know the manufacturer and model number of of a hardware component that the machine features. They told me that they weren't allowed to tell me that, but that they could tell me the specifications of the component. (which turned out to be, basically the size of storage and memory ... which doesn't tell me a whole lot)

I wanted to know things such as what type of flash memory chips the SSD uses, what ATA security commands it implements, certain specifications (ACS2-spec), and whether or not it implements transparent hardware encryption. They wouldn't tell me any of that, and they're reaction made me think they thought it suspicious that a potential customer wants to know exactly what they might purchase before committing to purchasing something knowing very little about what they are actually purchasing. So he put me on hold, to talk to a higher level agent ... who advised him to not provide these specifications. I told him that not all advice is good advice, and that consumers generally want to know about the product before they commit to purchasing it. They also wanted my name and whether they could use my phone number for this support case. I gave them a phony name ... what's your name and phone number where do you live .. if you're not gonna tell me anything why should I tell you any information about me?

They told me that I would have to do my own research, and I told them that calling the manufacturer is part of my "own research" as the manufacturer should know their own product better than anyone. It's like they don't want you to know these things, I don't know if it's because they think I'm planning on reverse engineering the hardware or something ... who cares .. if I buy it it's my property and I can do whatever I want.

I didn't get anywhere, and told them that if I buy the thing and peek around that I'll be able to tell you everything you wouldn't tell me ... I'd just like to know before I buy, what I'm really buying you see.

There's something wrong about this though. .., very wrong about this picture. Why are technical specs such guarded information. They don't want us to know too much about certain hardware features ... but like I told them, if I actually have the device I'll be able to find out this stuff anyway so it's pointless in keeping it a "big secret", which it really isn't. Why should I buy something that I don't really know everything about what I'm buying?

I probably could have gotten transferred to a different person, and keep trying different people with social engineering but by that time I was getting pretty pissed off, which isn't good for social engineering at all, and as pissed off as I was getting I just didn't feel like spending possibly hours getting transferred to different departments. I explained to him that I support FOSS, and that developing drivers for hardware is difficult unless you know the specs ... and it's simply not economically feasible to ask developers to buy every model of hardware out there and have to reverse engineer it to do so. Manufacturers should provide detailed technical specs, so I just said "I see this conversation is going nowhere, if I decided to actually buy a product from your company, I'll be able to find all of these things out anyway, would you like me to call you back and tell you the specifications that you "are prohibited from providing"? So I basically told him "So, you're basically telling me I have to buy the thing and determine these details and then return it if it's not what I'm looking for" ... and he just basically kept repeating the same scripted loop.

I guess your average computer user thinks "a lot of memory is a good thing, and bigger storage is a good thing and a fast processor", but there's a lot of subtle features that I can't determine if I don't know the manufacturer and model number of a particular hardware component to consult the datasheets or else actually have the machine so I can look around and find all of this stuff out.

They only tell you a little, they won't tell you the low level technical stuff ... and why is what I wonder about. They don't want us to know *too* much, for some reason, and that reason is probably not a very good thing.

Information is power, therefore information should be free!

 

When I used to buy desktops I was just mainly interested it RAM, storage space and a video card. The bigger the number, the better I thought it must be.

Well my main desktop now has a bios error. I've googled and youtubed and tried everything. It's done, and it sucks because it's relatively new. Meanwhile my 7 year old Dino touch wood kicks on like no tomorrow. but I don't connect it to Internet. It sits there for one game only.

 

Well, I was asking about some very specific hardware features and which ones are implemented ... If I'm gonna buy something I believe I have the right to know these things before committing to buying. But I think the fact that what I was asking was so specific and "obscure" that ... idk they didn't want to provide things that specific.

If I could have kept my cool I probably might have made it further, probably would have taken hours ... but I'll admit that pissed me off pretty bad that they wouldn't tell me much of anything these things, as if it's "top secret" information or something lol.

I would go into more detail about the specific ATA commands that it supports, but yeah ... it doesn't matter, I'll find out even if I have to buy the thing and then return it. I'm not gonna go into detail about it here.

anyone actually interested can contact me over other channels of communication. I also wonder why my ISP's SMTP server users insecure authentication and broken encryption ... meaning that my email client can't send emails (the server responds with an incorrect greeting) ... though if I portscan the mail server I can send a message through it using the command line and make it say it was from nobody@nowhere.eu, and without auth. Their security (encrypted authentication) is broken, and what competent systems administrator would set up a mail server this way? I'm not even a professional sysadmin and I can tell them what's wrong, they're server smtp server is misconfigured, possibly on purpose. They don't want us to have very good security (or privacy). They don't care if you your account gets compromised ... But calling them to tell them these things would be futile, they wouldn't fix it cuz they don't give a fuck, and I don't want them possibly deciding to more closely monitor me for pointing these things out; even though all I'm really doing is trying to help, but I'm sure they are well aware of the particular *issues* ... you see.

 

I would be annoyed too because I would then google all the hardware and make sure the reviews were good.

A little hard to do your own research when they aren't providing the details.

 

I can't google all the hardware, because they won't tell me the model number and manufactuer of the hardware that's in it. Just very generic specs such as capacity of storage. I can't google a piece of hardware if I don't know what it is...

The only way I could find that information is through someone who has the same machine and knows the things I'm asking, and it's too new I guess so not that much information on it. these specific details would take a while to find out and I don't have unlimited time. Probably faster just to buy it, find out myself and then return it if I don't like what I see.

 

Build your own tower...


That is all.

 

Uhmm, you do realize that more than likley you were talking to someone reading from a binder that has very little actual knowledge of computers.
The reason they can not quote you specific parts is because (assuming it's one of the major manufacturers) they get parts as they are available ESPECIALLY hard drives.
One week they could be using WD drives and the next they could be using Toshiba or Samsung and the support tech on the phone has no way of knowing the specifics.
Unless you are getting a high tier machine with very specific specs, you get what was the best available when the buyer had to get more hard drives.

They also often get hardware not generally available. A friend is a certified Dell partner and he gets high end servers and having a sales partner, he can get specific components if needed.
For a long while Dell was using WD drives, but not like you or I could get because these drives actually formatted to the stated capacity, for one example. But he had to specifically request them for his clients.


Why the hell are you not just building your own box?

 

I fully concur, build your own machine. If you order your own SSD drive from any decent place, your going to get a better deal and know exactly what you're getting. These companies that sell branded systems, HP comes to mind for some reason, don't know what the hell their selling for the half of it. These companies are just middle men selling you a bundle of marked up, sometimes proprietary, parts.

 

Well, he said he was advised by upper level explicitly not to disclose. I could have pushed harder, transferred to a different department and tried to talk to upper level people until one of them told me what I needed but it wasn't worth my time spending half my day in their call center system. I'll just have to find out these details myself

I do build my own boxes ... a couple people have asked this question so I'll clarify that it's not a tower, or desktop PC. More of a mobile computer.

 

Well I can now say that I bought the laptop, and will be returning it as soon as I re-image the SSD so they will never know that I fucked around with it.

I found out everything the Manufactuerer wouldn't tell me. The SSD supports ERASE UNIT and ERASE UNIT ENH low level ATA commands for securely sanitizing an SSD, however during POST the firmware puts the SSD into a "frozen" state, and the commands failed. Also, booting from external media, or anything that wasn't windows was way more trouble than it ought to have been and resulted in wifi capabilities being locked by the hardware (or really, firmware), meaning that unlocking it using software techniques are ineffective.

I finally decided to disassemble the notebook, and take a peek. I found the SSD drive, as I intended to connect it to my box, bypassing the frozen state so I could send the low level santize commands. The drive was an msata drive, which I do not have a slot for in my box, and would need some kind of strange adapter, or possibly have to build one myself which is far too much trouble. I really got to thinking though ... there's something REALLY wrong here and this goes against everything I stand for. Apparently installing another OS voids the warranty, which is bullshit. Why would you have firmware that freezes the hard drive, making it difficult to perform sanitization from that machine? I know why ... because they dont want you to sanitize it. There were a few other things I could have tried, such as hotplugging the SSD after POST before the BIOS could freeze the SSD... but I was sick of it and decided to just put it back together before I void the warranty and make it unreturnable.

Before I even did the intial setup or booted into the Windows 10 OS it came with I took a full image of the block device, made a SHA1SUM of the image, hashed the SSD block device again and compared to make sure it was an exact byte for byte copy ... that way I can take it back and it looks like I never even used the thing or turned it on..

There were a few other things ... such as in Windows 10 (after making the initial backup image) in the Edge browser, any search site other than msn.com it would issue a security warning saying that the site had invalid SSL certificates ... which is totally bogus. Google.com has perfectly fine SSL certs. So nope, no fucking way! Not what I'm looking for. I'm looking for a fully FOSS laptop solution, with no bullshit firmware that attempt to disable important security features that are otherwise available and implemented by the device (in this case the SSD drive), and compromise the confidentiality of my information.

Another thing that Kinda bothered me was that the battery was not easily removable, you had to remove the back case which is somewhat difficult (not too difficult with the proper tools, but can't be done quickly), and the battery itself is screwed down inside of there with locking plastic tabs that would have to be pried down to make the battery mobile, only then could you disconnect the rainbow wire connector to disconnect the battery from the system. This is important because, as long as ram has enough power to maintain it's state theres's something called a cold boot attack where an attacker can read your memory if it hasn't yet lost it's volatile state, and I could not just yank the battery out to thwart that attack. I have no idea if it still supplies enough power to keep the RAM refreshed even when the laptop is "off", but I wouldn't put it past them after what I've seen. It doesn't take that much power to keep a few ram chips alive and nothing else.

Of course Tails has a built in feature that corrupts your system memory on shutdown, rendering a cold boot attack useless, but I couldn't get wifi to work with tails ... due to the hardware lock; by this I mean firmware config variable, not an actual physical switch (it didn't matter if it was the internal wlan NIC or a USB dongle, anything branded as a wlan NIC device gets blocked). This makes tails pretty much useless unless you happen to have an Ethernet port next to you which is fine for a desktop and generally hate wifi if I can use straight gigabit ethernet as there are just so much fewer problems (no dropped connections), but with a laptop wifi is essential because I need to be able to get online from anywhere at anytime.

I'm currently looking at laptops that are fully FOSS supportive, and hopefully won't have to deal with any of this hardware tyranny. It didnt use to be this way ... but things are getting worse. That's fine ... open source developers around the world will continue to make free open source software that is not only secure, but in many ways better and more capable as it doesn't impose arbitrary limits on what you can do based on what some vendor thinks you ought to be using your machine and/or software for because that's what Joe Average uses computers for.

I mean I'd love to build my own laptop ... but I don't think it'd be very pretty

Scientia Potentia Est.