To prevent poaching of an Internet Protocol (IP) set top box (STB) asset
or similar network computing device from one system operator to another,
code executing in the IP STB not only authenticates downloaded software
images using a public key provided in a serial-number assigned digital
certificate, but also confirms that the serial number appears on a signed
whitelist, or does not appear on a signed blacklist. The code executing
in the STB further preferably enforces a rule that only the authority
that signed the already-loaded whitelist/blacklist may replace it with a
new list. Such a "sticky whitelist/blacklist" ensures that if the STB
boots or resets in a new network, the existing authentication list will
not be replaced by a list that is valid for a new or different network,
and, as a result, that new software code images will not be
authenticated.