It isn’t removing the manufacturer’s serial number if the manufacturer manufactures it (supplies it?) with the desired serial number of zero. However perhaps there are other laws that prevent the manufacture of an item with a non-unique serial number. (The Louisiana law appears to contemplate the possibility that a manufacturer does not use serial numbers.)
Clearly the intent of these laws is not about reducing your privacy i.e. in my opinion the intent of these laws is in relation to stolen property. It isn’t stolen if you bought it and it is in your possession. However innocent people can be caught up in laws that are repurposed.
Whether @BaAJJD is in the US, making any of that relevant, is an open question.
PS: It is unclear what the legal situation would be if you left the “forty five” sticker copies of the serial number untouched - presumably none of which can be read in software - while erasing the electronic copy.
The device serial is stored in the firmware as a simple text file, for the express purpose of making the serial accessible to the user should the sticker on the bottom be removed or worn. There are also numerous stickers inside the device with the serial on them as well, but by storing in the firmware it prevents the need to open the device should the back sticker be remvoed/worn.
If that bothers you, then simply zeroize it, put in some random jibberish, or leave it unset when updating the firmware next.
Rather easily … if you have a spare six figure sum.
There isn’t an unlimited supply of 0 days. This one probably got used up catching this one guy - or in any case the 0 day was removed from Tails not long after, albeit “accidentally”.
Great! I have the same question as @kieran Is it possible in pureboot with AEM? Probably needs to resync the HOTP but that’s ok.
It seems to work for pureboot as well. From the image, it seems that you can first select 2-pureboot then select 3- Do not set a serial number. What happens when 3- Do not set a serial number is selected? It will simply be null? @MrChromebox
currently, if running Pureboot, the coreboot utility script won’t let you do any firmware flashing from the OS, since one should use the built-in updater function in Pureboot. That said, it’s a quick edit to the script to bypass that restriction, so as long as the kernel allows reading/writing of the firmware, it can be done.
When updating the firmware, not setting a serial results in the default string ‘System Serial Number’ being used.
If using the update serial number script function, you need to actually set it to something in order for it to be updated (though that’s something I can fix easily enough)
edit: added an issue for that so I don’t forget about it:
I want to summarize the entire post for myself and future users to erase serial numbers with pureboot and AEM.
a. In OS, go to https://puri.sm/coreboot/ and select 1.Updating your firmware using a pre-built image
b. Choose your model and choose pureboot
c. Choose 3. Do not set a serial number
d. The script will prompt you to copy the update to USB and to update via the Heads menu option
e. Update via USB in pureboot
f. Resync HOTP