[OLPC-devel] Secure BIOS on the OLPC
krstic at solarsail.hcs.harvard.edu
Sun Aug 27 22:17:29 EDT 2006
Krishna Sankar (ksankar) wrote:
> The signed code paradigm is being used by Microsoft, Java et al.
Signed code works, but that's sort of beside the point. In this case,
what's in question is a particular and rather unusual implementation
thereof, and I wanted to get a bunch of eyeballs on the unusual bits to
make sure I didn't miss something.
> Embedding an OLPC public key in the bios for bootstrapping is fine.
> We need to make sure, it is protected properly
I don't know what you mean by 'protected properly'. The key is public,
so it's available for download on the Internet. Protection against the
BIOS being maliciously overwritten is the whole point of the scheme; the
public keys just get a free ride because they live within the LB payload.
> unique MAC address
I will almost certainly make the MACs unusable for identifying the
machines. See e.g. RFC 3041. More details to be provided in the spec.
> But, want to caution that either the
> key or the serial number or the MAC address can be spoofed (under
> proper conditions) and so we should make sure, we do not put *undue*
> trust in any of these artifacts.
There's no trust being put into either one.
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D
More information about the Devel