C. Scott Ananian cscott at laptop.org
Thu May 22 12:40:01 EDT 2008

On 5/22/08, Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net> wrote:
> On 22.05.2008 17:01, C. Scott Ananian wrote:
>  > On 5/22/08, Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006 at gmx.net> wrote:
> A statement of security is a nice theft deterrent. This may change once
>  the bad guys realize circumvention is very doable.

Again, it's a matter of cost.  All security is bypassable for some
cost.  How much do you want to make it cost, and how much does it cost

>  > Yes, there were some design details with Gen 1 hardware that turned
>  > out to make it difficult to safely reflash, even though the flash chip
>  > is big enough to accomodate a backup OFW.  The EC is perfectly capable
>  > of recovering OFW, but the EC memory map coincides with the erase
>  > block size of the SPI flash, unfortunately, so there's a critical
>  > window during which all of the EC code must be erased.  We hope to fix
>  > that with Gen 2.
> There are SPI flash chips on the market which have an erase granularity
>  of half the size of the EC code or even less. Selecting such a chip
>  should work even for Gen 1 unless I'm missing a key detail.

See http://dev.laptop.org/ticket/5314

>  >>  >  k) more open software: we may not need an EC, and if we do we may be
>  >>  > able to ensure its code is open.  We may change the wireless device,
>  >>  > and/or be able to switch to open firmware for it.
>  >>
>  >> I believe item k) was already in the contracts with Quanta and Marvell,
>  >>  unless the official announcements back then were wrong. It has been
>  >>  stated repeatedly by OLPC officials that the only thing preventing a
>  >>  full open source wireless firmware is the lack of time for porting the
>  >>  code to another embedded OS. There were also statements like "We are
>  >>  working with Quanta to release EC source code", so I think that's also
>  >>  mostly a problem with lack of time.
>  >>
>  >
>  > Yes, it was intended, but the production schedule and component
>  > availability forced us to build on some pre-existing closed-source
>  > components, and now that we've reached this point in the manufacturing
>  > cycle for XO-1, we have very little leverage left with Quanta.  We did
>  > make our best effort, but there were also some unforeseen interactions
>  > with the manufacturing contract we signed with Quanta.  Quanta
>  > designed the motherboard and took responsibility for making
>  > modifications for manufacturability and to address defects, and now
>  > they've ended up with significant IP rights in our schematic.  This
>  > has made it hard to properly support the open EC effort, since by the
>  > terms of the contract we can't even show them the pinout of the EC.
>  > We recently hired Paul Fox as firmware engineer, so we're still hard
>  > at work on this.  We hope that we can work out agreements with Quanta
>  > to publish at least pinout information for the EC.  It's complicated
>  > by the fact that most of Quanta's team working on the XO-1 design has
>  > moved on to other projects now.
>  >
> That's really a nice writeup of the current situation. Could you please
>  put it (perhaps even verbatim) into the wiki and link it from the EC and
>  OpenEC pages? Thanks!

I'd appreciate if you (or someone else on devel@) could do so.

>  > The http://www.open80211s.org/ effort is being funded by OLPC to try
>  > to address the wireless firmware issue (among other goals).  I don't
>  > really know what mesh solutions are being considered for XO-2, but
>  > there are more vendors with 802.11s solutions now than there were when
>  > we designed the XO-1, so we have more choices and leverage.
> That's good to hear. Again, adding this info to the wiki would help
>  public perception a lot.


Open80211s.org really needs better publicity; there are a lot of
experiments I'd like to try with the 802.11s protocols if I had
someone with the time to hack into the code & get the numbers.

                         ( http://cscott.net/ )

More information about the Devel mailing list