[OLPC-devel] Secure BIOS on the OLPC
Tushar Adeshara
adesharatushar at gmail.com
Thu Aug 31 05:39:41 EDT 2006
On 8/30/06, Joshua N Pritikin <jpritikin at pobox.com> wrote:
> On Tue, Aug 29, 2006 at 12:02:18PM -0400, Jim Gettys wrote:
> > "Belt and Suspenders" feels right to me.
>
> Even if kids are going to blindly follow directions about "Hold this key combo
> down to reflash the BIOS", that's good because then they'll know that
> _something_ is happening. Mystery invites investigation. More kids will
> discover the BIOS and its humble purpose.
I think we need to also think about situations where there will be
many such laptops (100 to 500) that need BIOS update. Best way to do
that here would be no physical interaction with machine for BIOS
update.
Think of it, you are the one responsible for updating every software
of laptop including BIOS, and there are 500 laptops. I will prefer a
shell script instead of pressing buttons of 500 laptops.
For security, I agree with signing of BIOS code, but we must have some
way to allow user to update his own BIOS update.
Can we have some dip switch or something like that, which requires
user to open laptop and change it, if he want his own BIOS code? We
generally don't expect child to open laptop and change status of dip
switch, but for developers it shouldn't be difficult.
Thanks and
Regards,
Tushar Adeshara
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
>
> iD8DBQFE9UzwqcqnlKSmC70RAjFFAKC46psSIkREAhcG+h71SZzJYgNuawCfW8WV
> F7aAL64E3z2T/tobJhRsBBk=
> =Aqgy
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Devel mailing list
> Devel at laptop.org
> http://mailman.laptop.org/mailman/listinfo/devel
>
>
>
--
Regards,
Tushar
--------------------
It's not a problem, it's an opportunity for improvement. Lets improve.
More information about the Devel
mailing list