[OLPC-devel] Secure BIOS on the OLPC
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Fri Sep 1 13:15:22 EDT 2006
Mark J. Foster wrote:
> Therefore, the "signal" that would open the write-protect pin is
> removing the battery, then plugging it back in. It's also possible that
> holding down the power button for four seconds could do the trick,
> followed by pushing the power button again to do a cold power-on.
When we do a power-off (i.e. init 0), the next start is a cold boot,
correct?
> On second thought, is this really better than making kids hold down the
> spacebar for 4-5 seconds?
Yes. It still provides secure upgrades without requiring user
interaction, and defends against phishing. The spacebar scheme is much
more inadequate than people realize; dig up the story for Firefox's
countdown in the 'install extension' dialog if you're curious why.
Remember also that the BIOS upgrades we distribute won't be something
that has to be installed immediately: if a week elapses from when the
upgrade is queued until the kid turns off the machine fully, that's
generally perfectly fine by us.
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D
More information about the Devel
mailing list