[OLPC-devel] Secure BIOS on the OLPC

John R. jhoger at gmail.com
Fri Sep 1 11:59:44 EDT 2006


On 9/1/06, Ivan Krstić <krstic at solarsail.hcs.harvard.edu> wrote:
> Following further discussion within OLPC and consultation with some very
> smart, well-known security folks on the outside to triple-check my
> thinking (they were all fully satisfied), I've concluded that the
> benefits convincingly outweigh the cons for us, and have requested that
> the EC changes I proposed are implemented.
>

My understanding from the discussion on-list (Jim Getty's email) meant
using the "belt and suspenders" approach. Meaning, signed bios but
also holding down a key to update the BIOS. That would be sufficient
to stop mass update.

Did I read that wrong or did the decision change? Is there a
requirements or design specification somewhere I can take a look at
where decisions like are recorded or does it just go into the bug
tracker?

-- John.


More information about the Devel mailing list