[OLPC-devel] Secure BIOS on the OLPC

Tushar Adeshara adesharatushar at gmail.com
Thu Aug 31 09:36:35 EDT 2006


On 8/31/06, Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net> wrote:
> Tushar Adeshara wrote:
> > On 8/30/06, Joshua N Pritikin <jpritikin at pobox.com> wrote:
> >> On Tue, Aug 29, 2006 at 12:02:18PM -0400, Jim Gettys wrote:
> >> > "Belt and Suspenders" feels right to me.
> >>
> >> Even if kids are going to blindly follow directions about "Hold this
> >> key combo
> >> down to reflash the BIOS", that's good because then they'll know that
> >> _something_ is happening. Mystery invites investigation. More kids will
> >> discover the BIOS and its humble purpose.
> >
> > I think we need to also think about situations where there will be
> > many such laptops (100 to 500) that need BIOS update. Best way to do
> > that here would be no physical interaction with machine for BIOS
> > update.
>
> At some school: "Hey kids, please press spacebar now!"
>
> Laptops are inteded to stay with the kids all the time. BIOS updates
> should hopefully be something needed at most once or twice, unlike
> regurlar kernel updates. So telling kids once in their lifetime to
> press a specific button while they are at school is no significant
> problem.

I suggested something that I would like in a device if I have to
ensure that all laptops are updated. If we require physical
interaction for BIOS updates, we ensure that updates can't be
automated if need arises later on.

I would like to know about problems you can think of with the above approach.

It looks to solve problem of automated BIOS updates (when it is from OLPC),
protection against phishing attacks for child and allows developer to
use his own BIOS code.

Regards,
Tushar
--------------------
It's not a problem, it's an opportunity for improvement. Lets improve.



More information about the Devel mailing list