For Ti50 devices, is the only option to bypass enrollment to flash UEFI?
If I were to edit the VPD with a programmer, would it just brick the device? Are there any workarounds for this if so?
do you mean in the context of AP RO firmware verification?
Yes, so if you can’t access developer mode to disable AP RO firmware verification and are flashing externally with a programmer (either full ROM or modifying VPD to deprovision)
I’d have to check if the AP RO firmware verification covers the VPD region. if it does, there has to be a procedure to account for serial # changes etc
If you flash UEFI you will still trip RO verification and the device wouldn’t boot.
So basically these devices will are just e-waste if you can’t get the company to deprovision?
I recall someone saying that the RO region is only verified on GSC reset, so you could flash without rebooting the GSC. But take that with a grain of salt.
Does powerwashing/recovery reset the security chip?