back to article HP clampdown on 'unauthorised' server fixing to start in January

Hewlett-Packard will start restricting who is allowed to fix its ProLiant servers starting in the new year. HP is changing the way it delivers firmware updates for ProLiant systems from January, The Reg had learned, so only HP or HP-authorised partners are allowed to receive and install the patches. According to a leaked …


This topic is closed for new posts.


  1. phil dude


    I wonder if this is legal? I mean, firmware patches for faults are part of your "goods fit for purpose" rights.

    I must say HP have been quite good in the past for patches and Linux support, and it is a shame they are making themselves anti-consumer for the sake of short-term profits, or just plain protectionism.

    I guess that is one more make of hardware to be added to the pile of "is it worth the hassle?"


    1. LarsG

      Re: legal? We shall see

      So not only do they intend to make redundancies, they want to make sure that those who are made redundant can't set up their own business or work for someone providing a similar service and competition on cost.

      Protectionism I think they call it.

      1. Yet Another Anonymous coward Silver badge

        Re: legal? We shall see

        Limiting free fixes to products in-warranty or in a service contract is probably OK.

        You could argue that the firmware update is fixing a flaw in manufacturing and so is equivalent to a product recall - but you would have a job claiming that the server wasn't fit for purpose if you had used it for its entire warranty period.

        It is definitely illegal to prevent other people servicing your equipment or offering replacement parts. But the plug-compatible laws are a bit out of date when it comes to your firmware.

        I imagine Europe's car makers are watching the case with interest. If HP are allowed to block replacement parts which aren't recognised by HP firmware - yet you aren't allowed to modify HP's firmware - then I'm sure BMW/MB/VW are going to find a reason why their oil filters need to talk to their engine management system.

        1. thondwe

          Re: legal? We shall see

          Car makers can't enforce "only at authorised garages" for their servicing, and "servicing" of a server must include firmware updates when the service engineer installs new hardware??

          Having said that, HP could easily charge for the necessary firmware updates? But suspect they can't block it entirely?

          1. Yet Another Anonymous coward Silver badge

            Re: legal? We shall see

            >Car makers can't enforce "only at authorised garages" for their servicing

            No but they don't have to give away copies of their software. So if they decided that the engine management software needed to reside in the oil filter then anybody would be free to make and fit an oil filter - it's just that only theirs would allow the car to start. It would only be illegal if they did it deliberately to restrict servicing to them.

            >"servicing" of a server must include firmware updates when the service engineer installs new hardware??

            If HP claim that the updates are upgrades - ie a continuing process of improvement and support for new features then it's perfectly reasonable that they only give them to paying customers.

            Its like Microsoft giving you service packs but charging for new versions - there is no law saying what is a service pack vs. what is a new product

            1. Mark 65

              Re: legal? We shall see

              I'm sure the EU are watching with interest.

        2. Nate Amsden Silver badge

          Re: legal? We shall see

          HP and Dell (IBM too and others I'm sure) have long blocked 3rd party HDs from their servers via firmware.

          El reg had an article on it for Dell a few years back since they were a hold out.

          A couple jobs ago we had a bunch of DL585s that were using entirely 3rd party memory(32x2GB chips each), the HP hardware fault light was lit up on all of them for years, though there was never an issue. Maybe coincidence or maybe not I don't know (the systems and memory was installed long before I started at the company).

          In my experience at least the # of times I *need* to upgrade system firmware is really, really rare (barring other changes like installing new cpu types or something that may trigger a supportability thing. I often upgrade firmware regardless if I haven't heard of any loud complaints - but rarely has it been something I've needed to do. My current production servers haven't seen a firmware update in 18 months, and I have no immediate plans to upgrade them further (the servers themselves are ~3.5 year old tech at this point so fairly mature). Oh and we will be renewing the 24x7 4 hour support contracts on these servers when they expire for at least another year regardless...first round expires next October.

          Most of HP's servers(all?) come with a 3 year warranty by default which should entitle you to firmware updates and stuff. Beyond that if there are still critical bugs being found after 3 years that's kind of sad.

          I'm sure people looking to run their servers on the cheap will have no trouble finding copies of the latest HP firmware DVD ISO images if they wanted to regardless.

        3. This post has been deleted by its author

        4. Tom 13

          Re: server wasn't fit for purpose

          In a proper judicial system that argument would get laughed out of court. To return to the over-used car example, when the manufacturer issues a recall, they can't claim the car was fit for purpose because you've been driving it to the point at which they issued the recall. Granted that means there is a fair amount of uncertainty on that point in US courts.

    2. Daniel von Asmuth

      Re: legal?

      I have think sinking feeling the law in most countries will allow this. Hail to the Microsoft of hardware.

      1. Anonymous Coward
        Anonymous Coward

        Re: legal?

        "Hail to the Microsoft of hardware."

        Surely you mean the Oracle of hardware? Last time I checked, anyone can download Microsoft updates and service packs.

        1. Ancientbr IT

          Re: legal?

          To download such updates you have to have satisfied Microsoft's Genuine Advantage requirements, which most systems probably do by communicating with MS in the background.

          I have two different installations of an MS OS and both reside in the same box (dual boot); both had to go through Genuine Advantage registration (to prove they were legitimate and not pirated) in order for me to download any patches or updates, or register for Automatic Updates.

    3. Anonymous Coward
      Anonymous Coward

      Re: legal?

      I guess it's dependant on what you expect from HP in terms of warranty.

      It's already the case that a manufacturers warranty requires you to have your car serviced and maintained to their standards.

    4. Long John Brass

      Re: legal?

      I remember years ago I actually sat down an read the hardware "contract" that came with some very expensive kit from a vendor who shall remain nameless

      The thing that made me laugh was a line in the small print, right at the bottom of the document it said something along the lines of (I can't remember the exact wording)

      "This device(computer) is sold on the understanding that it may or may not function as a computing device"

    5. Delbert

      Re: legal?

      I think you are correct in consumer law , holding a customer to ransom when you have supplied goods with a fault is not going to fly and is likely to get you dragged into court for failing to comply with the law,. Persue this in the local small claims court and send in the bailiffs to HP for reparations and siezures when they try to ignore it!

    6. Inachu

      Re: legal?

      THey want to be like geeksquad and charge extra no matter what even if a part is replaced and only costs $7 but charges the customer over $400.

      The honest tech will charge the customer $7 and perhaps just $100 per incident.

  2. Erik4872


    First legacy stuff, now current stuff? That was fast...

    I wonder how this is going to be implemented. HP was always helpful in that you could browse their website and pull down individual updates or the entire SPP (or what used to be called SmartStart/PSP) for free. I guess this explains the little cautionary messages I've seen popping up when downloading drivers saying that they're provided only for registered owners with valid warranties.

    I guess we're going to have to keep maintenance contracts in force for our hodgepodge lab or just go without updates...

    It'll be interesting to see how this plays out. AFAIK Dell and IBM still give out updates to anyone. I didn't know there was a huge gray market repair business...I use the free access to drivers/firmware just because our company has a "diverse" set of equipment that our group ends up supporting whether we like it or not.

  3. Jon Green

    Apparently, when you buy an HP server, you don't own it.

    I guess the last ProLiant server we bought just became the very last ProLiant server we bought.

    I've no interest in being railroaded into HP's choice of maintainer, or forced to pay for a rolling contract for the privilege of actually getting patches.

    Memo to HP: HP Is Not Apple.

  4. Darryl

    Good news for Dell's server sales division?

    1. Jon Green

      I should say so!

      I was speccing out a ProLiant only last night, for ordering in the New Year. Funnily enough, I find myself on the Dell site today. We're moving towards fully cloud, so this was likely to be one of the last, probably the last, server hardware we buy before that transition.

      As far as I'm concerned, when I buy hardware, patches and provisioned software updates are part of the deal; part of what I'm paying for with the purchase price. They're not a value-add that goes with a service contract we don't need (we're fully capable of servicing our own equipment, thanks). If that's what HP's doing with their systems now, they just substantially devalued the hardware compared to Dell's et al - but without a corresponding price drop, of course.

      My guess is that they're trying to maximise their incomes, in the face of sales slumps due to substantial and increasing rates of cloud adoption. Make the maintenance contract an unavoidable part of the sale, in other words. It makes me wonder how many 12-bore rounds they're going to fire at their own lower limbs before they find themselves without a remaining leg to stand on.

      1. Anonymous Coward
        Anonymous Coward

        Re: I should say so!

        Out of the frying pan and into the fire

        It’s a policy that’s already been introduced by Cisco Systems, IBM, Dell and Oracle – a fact highlighted by HP as an attempt to pass off the change as nothing extraordinary.

        So jumping to Dell isn't going to help much.

        Going to make it interesting to see what they do about just using rsync to mirror the SDR.

        1. jabuzz

          Re: I should say so!

          Except it does not appear to have been adopted by Dell in the slightest. I have for example just downloaded a BIOS update for a PowerEdge R810 released less than two months ago.

      2. Tom 13

        Re: I should say so!

        Lower limbs? I suspect they haven't quite realized their aim is a bit higher than that, maybe even much higher.

        On the bright side, since El Reg got a copy of the secret memo before the policy is officially announced, maybe someone will be able to point out their mistake to them before they pull the trigger on this one.

    2. MacGyver

      And they're still up for the Dell 1850s and 2950s. You can't get much more "Out of warranty" than a 1850. (except for maybe 6600s)

  5. Anonymous Coward
    Anonymous Coward

    > We are implementing changes in firmware and Service Pack for ProLiant (SPP) access for ProLiant Servers that will protect them from being downloaded by unauthorized maintainers. This is in line with our commitment to support entitled customers, whether directly or through authorized partners, and follows industry practices of protecting HP’s firmware and software updates.

    So, they don't attempt to justify it at all. This is just a re-statement of what they're doing, other than "everyone else does it so we are now", which of course is not actually true.

    1. MacGyver

      "That's a real nice server you got there, it'd be a shame if something was to happen to it."

      If they make a fix because the hardware needs it, then they need to make it available to all the owners of that same hardware. To do otherwise is simply extortion.

      So if I bought it myself, and I'm my own tech support, am I now the unauthorized maintainer owner?

  6. Anonymous Coward
    Anonymous Coward

    Yet another stunning decision...



    Leaving hardware business..

    HP. The way things are not meant to be.

    1. Anonymous Coward
      Anonymous Coward

      Re: Yet another stunning decision...

      You forgot:

      Moving sauce production from the UK to overseas.

      1. Anonymous Coward
        Anonymous Coward

        Re: Yet another stunning decision...

        At the present rate of progress, in 20 years the sauce will be the only HP branded product left. But by then it will probably be made in a cheap offshore operation of a Chinese company - in UKIP England.

        1. jonathanb Silver badge

          Re: Yet another stunning decision...

          HP Sauce is made in Poland these days.

  7. Steve Davies 3 Silver badge
    Thumb Down

    That settles it. HP is in deep do-do

    They will find that this stunt backfires on them big time.

    Carly, sorry Meg is busy pulling up the drawbridge while inside Fort HP the flames are out of control.

    1. Erik4872

      Re: That settles it. HP is in deep do-do

      > They will find that this stunt backfires on them big time.

      I suspect you're right, but we'll see how badly customers react to it. In my opinion, even if I didn't need firmware updates for a product, just knowing HP wasn't going to lock me into a support contract the way Oracle, IBM, etc. do would probably add another checkbox on the "pro" side when considering what hardware vendor to go with.


      Problem is that HP knows big enterprisey customers do one of two things with hardware when the warranty expires:

      - Call the scrap dealer and roll in new hardware

      - If you can't replace it, extend the warranty until you can't, then call the scrap dealer.

      If they're nice about it and just let you enter any ProLiant serial number to pull down any update you need, then this may be no big deal. But, if you have to leave your server connected to the Internet all the time to phone home to HP's hardware monitoring service, or you need to know the exact serial number of the P420 array controller installed in one of your servers to get an upgrade for it, that's just going to piss people off.

      The funny thing is that this goes in cycles with proprietary hardware and software vendors. Big software shops are a mixed bag. Microsoft Office and Windows are heavily policed license wise while their server products are open. Oracle basically says, "Here, have full point releases of our products. Patches aren't free, and God help you if we find you're running underlicensed in production." CA does a mix in all their hodgepodge of products. Cisco just recently got tougher on IOS entitlements but was previously pretty open. SAP is insanely fortressed off -- I have to beg customers our company does integration work for to collect SAP support notes and software from the support site because we can't get access. So HP isn't alone on the "we don't give anything for free" front, but it's not universal.

    2. Roger Greenwood

      Re: That settles it. HP is in deep do-do


      Dear HP:- IT peeps are smart and have memories like elephants. Servers like yours are not sold to dummies.

  8. Don Quioxte

    There is established case law on this...

    From the LAST time HP tried this, at least in California.

    1. Jon Green

      Re: There is established case law on this...

      Ohhhh, I hadn't heard about that - do say more! Links?

      1. Don Quioxte

        Re: There is established case law on this...

        Apologies for not having the legal citation, however I worked in the 3rd party maintainer biz in California a couple of decades back (Abtech Systems) and it was a story told to all new employees (back when paper was the preferred medium of communication) about how HP tried to freeze out 3rd party maintainers, how the maintainers went to court and won big time all down the line.

        This legal decision is reflected in the "HP Americas Self-Maintainer Program"

        Which is the latest version of the implementation of that legal decision from 2 to 3 decades ago.

        Perhaps a lawyer (or a 3rd party maintainer) with a long institutional memory has a California legal citation?

  9. admiraljkb

    The unexpected consequence?

    More HP server crashes and/or data corruption due to firmware not being updated, and HP getting a very dirty name inside HP shops because the internal support guys that used to "just handle" the firmware updates (without the upper mgt involved), weren't the guys named in the contracts for having access to the firmware updates. Larger orgs might now be impacted since they have major league change control processes in place already, but smal/medium orgs will definitely get impacted.

    What happens outside the HP Ivory Tower? Back out here in the real world many companies, with service contracts or not, will slow down and possibly stop the firmware updates. A few crashes later and/or a major data loss, and you'll have Dell, Cisco, IBM, etc with a foot in the door.

    1. Destroy All Monsters Silver badge

      Re: The unexpected consequence?


  10. Destroy All Monsters Silver badge
    Paris Hilton

    Enter the clown with transferred embigenned relationship loyalty

    "but the support doesn’t match the breadth and depth of HP’s support expertise"

    Currently being rightsized, apparently, so there might be a match soon (unsure whether from top or bottoms).

    "nor does it give our partners the added loyalty from an ongoing relationship built over time between HP and the customer" (shortened for sematic clarity)

    So there is a relationship between HP and the customer, which somehow adds loyalty, which is then given to partners?

    What the hell does that mean?

    1. Fatman

      Re: Enter the clown with transferred embigenned relationship loyalty

      "nor does it give our partners the added loyalty from an ongoing relationship built over time between HP and the customer" (shortened for sematic clarity)

      So there is a relationship between HP and the customer, which somehow adds loyalty, which is then given to partners?

      What the hell does that mean?

      It means: "Bend over, grab your ankles, and pray that they use plenty of lube!!!!!

  11. Corporate Scum

    Great, there went my plans for the Xmas Break

    I was really, really hoping I'd get to finish my winter break Todo list early enough to take a couple of well deserved days off. Instead, with no prior warning, I find out the the storage array I just bought THIS YEAR, will need to be recommissioned because HP changed the terms after they sold it to me. Now all I can do is hook it up to our old cold storage server and use it for a secondary storage target.

    So now, two days before Xmas, I have to re-provision the storage pools for my Virtual Servers, Two iSCSI Servers, redo their LUNS, Redo the start-up targets on everything pointed at the old array... Then there is the little problem of procuring and installing new drives in the main cluster to cover the loss of space...

    Burn in test it all... Redo all the backup scripts...

    Ok, anyone want to go in on the 800$/Ton to send Meg a nice post XMAS Coal shipment?

    In the end we will have this fixed, tested and working before the rest of staff get back from the New Years holiday. The only ones who will know be the people who sign off on my overtime, my girlfriend who may be spending the week of new years by herself and anyone who mentions HP to me in the next couple of years.

    1. Anonymous Coward
      Anonymous Coward

      Go throw your tanty somewhere else please

      Tsk. Enough with the melodrama please. I get enough of that from the family this time of year.

      If you bought the array this year it'll be under warranty. You're not going to change the array usage. You bought it for a reason and you still need it. You can use it without a service contract - you just won't be able to update drivers, so unless you intend to use it in an unusual configuration that you don't plan on testing until the warranty runs out - you'll be fine.

      So chill, OK ? - oh and buy your girlfriend something nice, she deserves it, you sound like hard work.

      1. asdf

        Re: Go throw your tanty somewhere else please

        I down voted both of you because you both sound like whiny douche bags.

    2. hmas

      Re: Great, there went my plans for the Xmas Break

      You bought an EVA this year? Hahaha.

  12. Gabe

    Submit post: HP clampdown on 'unauthorised' server fixing to start in January

    Stop buying HP servers. There are a lot of other companies that will supply better, cheaper servers, like Dell and Supermicro. I've used them and never had any problems. I've even used HP servers that I purchased used. I sometimes build my own servers and I can put anything on it and it blows away HP servers.

    1. Sandtitz Silver badge

      Re: better, how?

      Please enlighten, how are the Dells and Supermicros better?

      Do their warranty services work faster and better than what HP can offer?

      Do they have better software update system than HP?

      Do they support more Windows/Linux distros than HP?

      Do the offer better education courses than HP?

      Do you get better telephone support?

      Is the HP lights-out system weaker than competition?

      Do answer, because I'm not that familiar with recent Dells and have never seen Supermicro servers. HP servers just tend to do what I expect them to do: serve well until decommisioned due to obsolescence.

      For the record, if HP stops servicing out of warranty servers I'll be pissed as well.

      1. Jay 2

        Re: better, how?

        Over the past year we've inherited a lot of HP kit, and we're mainly a Dell shop. So I've got to see things from both sides. We have 3rd party hardware support, so I can't comment on any differences there.

        We run a mish-mash of RHEL/CentOS and both Dell and HP provide firrmware updates for (Enterprise) Linux distros. I would say that HP's SPP/MCP is probably a bit more distro-friendly than Dell's OMSA, but they will both do RHEL and SUSE based distros.

        From a firmware point of view getting hold it it (via the web) is easier for the Dell kit, as getting any info out of HPs website can be hit and miss. I also prefer the Dell OMSA method of getting a running server to update itself, rather than HP's SUM (I think) where you have to register a server and push it out. On a brief play with the latest version of SUM I found it to be quite dumbed-down and not as forthcoming with information on what you're pushing out to where.

        For a one-off (ISO) boot firmware update I much prefer HP's Smart Update DVD than anything from Dell. Mainly as the HP method actually manages to update the lights out card you're probably using, whereas the Dell versions don't.

        Which brings me on to lights out cards. Dell's DRAC offerings have improved quite a bit over the years, and iDRAC7 is pretty good. They must have been looking at HP, as now for the 'Enterprise' version where you can use the dedicated LOM port, a license is needed. Though I'm pretty sure you can still use the console, unlike HP's iLO3 where that's what you need the license for. With the iDRAC7 I'll say that it seems to have a better awareness of the other hardware in the server. So before you might have to run up the OMSA front end to see what was going on, but this (or a lot of it) now seems to be integrated into the DRAC, whereas as far as I know you'd have to fire up HP SMH separately.

        One thing that HP iLO is still better than Dell iDRAC is the actual console. They both use Java to do all the hard work, but the iLO console is pretty rock solid. The iDRAC is still very flakey and will freeze/dropout at the most inopportune of times, usually on CentOS when the kernel selection screen kicks in...

        On reflection, I think I slightly prefer HP kit but Dell isn't that far behind.

        1. Sandtitz Silver badge

          Re: better, how?

          "From a firmware point of view getting hold it it (via the web) is easier for the Dell kit, as getting any info out of HPs website can be hit and miss."

          HP has a poorly performing website (404's and timeouts) and slow download speeds (probably runs on Itanic,,,), but I haven't had any problem finding drivers/firmware for any HP kit from the driver download section. (other than the timeouts of course)

          The latest SUM v5 puzzles me, but the earlier versions did pretty well. It updates all firmware, software and drivers in one go, although most firmware updates require a reboot and some firmware updates are done while the server is POSTing, eg. HDD fw. Quite buggy software still.

          Gen8 servers have built-in fw update, "Intelligent Provisioning". Practically replaces the SmartStart and FW Update DVD's.

        2. Anonymous Coward
          Anonymous Coward

          Re: better, how?

          One thing that HP iLO is still better than Dell iDRAC is the actual console. They both use Java to do all the hard work, but the iLO console is pretty rock solid.

          Since you're running Linux, why would you want to handle the console that way?

          Just set the console to ttyS1 and ssh into the iLO and run the VSP command. Can't see why anyone would want to run a graphics head as console on a Linux server. You can always run the GUI over VNC even during the installs. Hundreds of times quicker than the Java based web consoles.

          1. The First Dave

            Re: better, how?

            Because iLO runs during boot up, so you don't have to sit there wondering if the system is stuck at a BIOS prompt/failure.


This topic is closed for new posts.

Other stories you might like

Biting the hand that feeds IT © 1998–2022