[OLPC-devel] OLPC "bootloader"
Krishna Sankar (ksankar)
ksankar at cisco.com
Sun Jun 25 18:11:45 EDT 2006
Yep, if the BIOS is in place, one mechanism could be signed code
with an OLPC cert. Would we be able to get SSL functionality in the BIOS
?
There are couple more dimensions to consider - like the mesh
layer (and the effects there of) as well as power (what happens if
battery power goes off in the middle of an update). I think this
parallels (in terms of assumptions and infrastructure constraints) to
the way they do the updates for the Mars Rovers. May be we should take a
look at the MDS from JPL.
BTW, does each OLPC have a unique ID ? I remember reading
somewhere that we are thinking of uniqueness based on the mac address.
Cheers
<k/>
> -----Original Message-----
> From: devel-bounces at laptop.org
> [mailto:devel-bounces at laptop.org] On Behalf Of Ivan Krstic
> Sent: Sunday, June 25, 2006 2:09 PM
> To: jg at laptop.org
> Cc: devel at laptop.org
> Subject: Re: [OLPC-devel] OLPC "bootloader"
>
> Jim Gettys wrote:
> > Exactly: the point I was making was just that man-in-the-middle
> > attacks are not theoretical, but can and have occurred.
> There may be
> > simple solutions for this case.
>
> If we're handling the reinstall with LinuxBIOS (i.e. not an
> opaque or extremely-constrained system that we can't
> program), MITM just isn't a deeply worrisome attack vector.
>
> --
> Ivan Krstic <krstic at fas.harvard.edu> | GPG: 0x147C722D
> _______________________________________________
> Devel mailing list
> Devel at laptop.org
> http://mailman.laptop.org/mailman/listinfo/devel
>
More information about the Devel
mailing list