[OLPC-devel] Secure BIOS on the OLPC

[Ivan Krstić]

Drew Van Zandt wrote:
> Method: Hacker waits for root compromise exploit *at OLPC
> headquarters* 

I have a hard time believing people are claiming that physical key
security can't be done correctly -- I'm not sure what to think about it
other than ascribe it to ignorance. Remember that Microsoft pushes
automatic updates to hundreds of millions of machines every few weeks;
if someone compromised Microsoft's private keys and the Windows Update
service, they could incapacitate most of the world's computers. And yet
this doesn't happen, and people (mostly) don't complain about the
what-if. The power users disable automatic updates, and everyone's happy.

Following further discussion within OLPC and consultation with some very
smart, well-known security folks on the outside to triple-check my
thinking (they were all fully satisfied), I've concluded that the
benefits convincingly outweigh the cons for us, and have requested that
the EC changes I proposed are implemented.

Thanks for everyone's input. I mean that: I understand everyone's noted
reservations in this thread, and believe me, I considered each of your
messages carefully. I also understand some of you may continue to
disagree with this decision, but the matter *is* decided, and I'd prefer
it if we didn't debate this policy further; technical comments continue
to be welcome. Let's move on -- there are better things to do, people to
see, laptops to build.

Cheers,

-- 
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D