Richard A. Smith richard at laptop.org
Fri May 23 15:37:36 EDT 2008

Carl-Daniel Hailfinger wrote:

> As I stated before on this list, bypassing P_THEFT is very easy. You
> don't even have to desolder the complete flash chip, one pin is
> sufficient. All of this is doable for less than $1 per laptop if you
> have access to cheap labor. $1 per laptop is _not_ expensive enough to
> be infeasible. I am very willing to publish a video tutorial of the
> procedure if you think I can't do that. The only downside would be that
> everybody then knows how to bypass P_THEFT.

If you want to tell me your procedure in private I'll be happy to review
it for you.  IMHO we actually do need people to challenge what we have
done.  'Tis the only real way to know.

I'm guessing the single pin you are referring to is the flash write
protect pin? If so then I'll note that's actually not where the strongest
part of the link is.  Very early on we also disable the ability to talk 
to the io ports on the EC that make writing to the SPI flash possible. 
Once they are disabled you can't talk to the EC anymore to re-enable 
them. You have to reset the EC. So far we have not found a method that 
circumvents that.  Fire away.

Please give us the chance to fix it first if you do find something.  :)

>> Contrary to your claim, initial
>> activation security is being heavily deployed and does seem to be
>> successful.
> A statement of security is a nice theft deterrent. This may change once
> the bad guys realize circumvention is very doable.

There's an upper bound on the usefulness of theft deterrent by 
software/hardware means.  If you intend to steal the laptops in bulk then
there's actually much more value in black marketing the parts rather
than the entire laptop as a laptop.  If you found a good market for the
display and the battery you could just throw the CPU board away or
desolder and resell the WLAN module and the 1G nand flash chips.  So there's
really not much point in making the security stronger than that threshold.

Right now to bypass the theft deterrent requires disassembly and we
think that's sufficient.  Sure, in mass it will be cheap but the people
who have the resources to set up shops to do it in mass are the same
people who will do it regardless of how fancy we are.

Trying to reach that level of theft deterrent is a losing battle and 
just not needed.  All it would really do is frustrate the repair centers.

Richard Smith  <richard at laptop.org>
One Laptop Per Child
