[OLPC-devel] OLPC "bootloader"

Jim Gettys jg at laptop.org
Mon Jun 19 20:39:01 EDT 2006 

On Mon, 2006-06-19 at 14:32 -0400, Christopher Blizzard wrote:
> Ronald G Minnich wrote:
> > The controller has complete control over the node. This is how I bring 
> > up my OLPC nodes now to burn flash. It's a very fast boot, and the node 
> > has zero autonomy. The flash image for this could be very small with 
> > uclibc.
> > 
> > But I like the idea of a mode in which the node has zero autonomy, and 
> > is basically remote-control for loading. I think we could help set this 
> > up. Also, the additional part we can bring in (from existing projects, 
> > nothing new!) is the authentication stuff which would get us the 
> > security we need for the wild world.
> 
> Yeah, I think it's what makes it possible to explore different ways of 
> doing an install over wireless.  And if we do it right it will be very 
> forwards-compatible.
> 
> I'd love to examine the security issues.  
> I'm not sure how far we want 
> to go with those.  The fact that you can depend on your friend sitting 
> next to you affects the picture quite a bit.  The only thing we need to 
> worry about at that point is man in the middle attacks and coming up 
> with a way to identify which machine you're talking to.  The fact that 
> they can be co-located helps a lot.  It might be enough to match a set 
> of numbers or images on two screens.
> 
> We might be over-thinking this, though.  We're all computer experts in 
> thinking about what _could_ happen.  But maybe it's fine to just trust 
> your local wireless network.  The larger the set of people (think 1,000 
> child schools) the more likely you are to have problems.  But in a 
> 30-person school?  Eh.
> 
Unfortunately, we do have to worry about the security issues.

MIT Project Athena has seen man-in-the-middle attacks: if that can
happen there of only a couple thousand machines, we can see it in our
world.

And the Thai's have schools up to 3000 students.

Whether we have to deal with it on our first day, is a different
question.
                       Regards,
                              - Jim

> --Chris
> _______________________________________________
> Devel mailing list
> Devel at laptop.org
> http://mailman.laptop.org/mailman/listinfo/devel
-- 
Jim Gettys
One Laptop Per Child

More information about the Devel mailing list