When determining whether a certificate has been revoked, is an Error<T> really more desirable than a segfault? Would you even expect a "is certificate revoked" function to return an Error<T>?
On the flip side, palm recognition allows you to use infrared-based vein biometrics, which requires special lighting conditions. I don't think this is currently feasible for fingerprints.
You can already authorize an arbitrary third party Android app to act as an app store, the only thing stopping you is your own decision making. Can't do that with iOS. You can even build your own AOSP device from scratch if you feel like, and it would be completely compatible with everything in the Android ecosystem (assuming you did a good job). If one party is making an effort to support open software lifecycles, while another is actively trying to inhibit them, isn't it the government's job to step in and correct? If not, why do we even put up with government in the first place?
OnePlus has had their own proprietary charger game running for quite a while now. It's likely related to that. The Switch uses stock USB-C Power Delivery, so Macbook and Pixel chargers would be fine.
Specific to BIOS images, `binwalk` is probably a better choice than `strings.` There's often data in LZMA streams or otherwise compressed, and chances are you're gonna binwalk your image at some point if you want to modify it.
Also, specific to Intel powered motherboards newer than a certain generation, the image should show as an "Intel PCH File Descriptor" or something if you run `file` against it. Don't use this as an integrity check though, `file` is just looking at an Intel-specific header at the beginning of the ROM file.