[OLPC-devel] Secure BIOS on the OLPC
Mark J. Foster
mfoster at laptop.org
Fri Sep 1 13:07:01 EDT 2006
I think that I may have identified a potential hole in the
implementation discussed so far, in that folks have often stated that
the BIOS becomes write-enabled on a "reboot". To be a little more
specific, we could add a latch, as Richard suggested, but we could only
open it up on a "cold boot", not a "reboot". Otherwise, the problem is
that software could reset the EC after the system is up, which would
open up the write-protect.
Therefore, the "signal" that would open the write-protect pin is
removing the battery, then plugging it back in. It's also possible that
holding down the power button for four seconds could do the trick,
followed by pushing the power button again to do a cold power-on.
On second thought, is this really better than making kids hold down the
spacebar for 4-5 seconds?
More information about the Devel