[OLPC-devel] OLPC "bootloader"

Krishna Sankar (ksankar) ksankar at cisco.com
Sun Jun 25 18:11:45 EDT 2006


	Yep, if the BIOS is in place, one mechanism could be signed code
with an OLPC cert. Would we be able to get SSL functionality in the BIOS
? 

	There are couple more dimensions to consider - like the mesh
layer (and the effects there of) as well as power (what happens if
battery power goes off in the middle of an update). I think this
parallels (in terms of assumptions and infrastructure constraints) to
the way they do the updates for the Mars Rovers. May be we should take a
look at the MDS from JPL.

	BTW, does each OLPC have a unique ID ? I remember reading
somewhere that we are thinking of uniqueness based on the mac address.

Cheers
<k/>

> -----Original Message-----
> From: devel-bounces at laptop.org 
> [mailto:devel-bounces at laptop.org] On Behalf Of Ivan Krstic
> Sent: Sunday, June 25, 2006 2:09 PM
> To: jg at laptop.org
> Cc: devel at laptop.org
> Subject: Re: [OLPC-devel] OLPC "bootloader"
> 
> Jim Gettys wrote:
> > Exactly: the point I was making was just that man-in-the-middle 
> > attacks are not theoretical, but can and have occurred.  
> There may be 
> > simple solutions for this case.
> 
> If we're handling the reinstall with LinuxBIOS (i.e. not an 
> opaque or extremely-constrained system that we can't 
> program), MITM just isn't a deeply worrisome attack vector.
> 
> --
> Ivan Krstic <krstic at fas.harvard.edu> | GPG: 0x147C722D 
> _______________________________________________
> Devel mailing list
> Devel at laptop.org
> http://mailman.laptop.org/mailman/listinfo/devel
> 



More information about the Devel mailing list