I've been reading this thread in the e-mail daily summaries, and let me propose a solution that may solve peoples' problems.

1.) When someone actually places an order for their unit, they are also required to enter a challenge/response for identification. They can choose the question and answer, so it should be easy for them to pick something that they feel secure in their ability to answer later. If they want something simple like "Where was I born?", that's their business, it could also be "Who was that redheaded girl I had a crush on in 8th grade and never told anyone about?"

2.) There cannot be a back door to the PIN system. If you forget your PIN and want it reset, you need to send it to Empeg, pay them some money, and let them work whatever magic is necessary. If there's a backdoor, it WILL be discovered, and the system is for naught.

3.) Emplode CANNOT function without the use of the PIN (if enabled), nor can the upgrade tool, lest someone flash their unit with code that has the security hacked out.

4.) Obviously, the empeg unit cannot have the PIN in any "Reversable" algorithm. MD5 or the like would be a good choice here.

5.) Obviously, to get to a command prompt would also require use of the PIN, so that someone couldn't simply replace the hashed PIN data on the empeg unit with their own "known" hash.

6.) There would have to be some wrangling done when the flash IS upgraded, so that the PIN information survives intact. Not sure how much of an issue that is or not, depending on where stuff is stored.