OFW sad face doesn't say why
eben.eliason at gmail.com
Fri Jul 18 16:08:07 EDT 2008
On Fri, Jul 18, 2008 at 2:57 PM, Mikus Grinbergs <mikus at bga.com> wrote:
> Happened to put in laptop BB a SD card copied over from laptop AA.
> Pushed power-on, laptop BB showed me a sad face and powered down.
> Figured out why -- that SD card had a directory on it called
> /security, and in that directory there was a file called
> develop.sig. Since this file's content did not match BB's identity,
> BB powered down. I erased that file - then BB would boot o.k.
> If you have a cheap SD card, and an enemy with an XO, why not create
> /security/develop.sig on that SD card, and surreptitiously insert
> that SD card into his OLPC - he would be extremely UNLIKELY to think
> of examining the sd-card-slot for the cause of his XO not booting.
> If the OFW identified its reason for not proceeding with booting,
> this opportunity for mischief would not work.
Hmm, A big lock icon is supposed to appear when no lease is found. A sad
face was never part of the design; I wonder if that slipped in as a
temporary placeholder and never got fixed. Mitch, do you know where this
lives (I assume firmware, but maybe not), and if it's possible to clean up
with little effort?
It seems to me that we should only be doing positive checks, not negative,
against the security info in external devices. It should simply move on and
illustrate that no valid key was found (adding the lock icon next to the SD
icon, for instance). It shouldn't be possible to prevent an XO from booting
at all if any of the devices (including the XO itself) have a valid key,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Devel