Life in an insecure world
John Watlington
wad at laptop.org
Wed Feb 4 00:22:28 EST 2009
>>Background context:
Right now, Quanta only ships laptops in one of two states:
- security enabled
- security enabled, and "pre-activated"
Starting in a few weeks, the factory will only ship laptops in one
of two configurations:
- security enabled
- security disabled
The goal is to only ship laptops with security enabled to deployments
which are capable of managing their own key management system
(including release signing, activation lease generation, developer key
generation, etc.). The anti-theft features of the XO system are valuable,
but OLPC as an organization simply cannot afford to provide the
supporting services.
>>Current Question (from Reuben):
> How will the ak tag be set for these machines that have
> security-disabled ?
>
> a. without ak tag if someone then enables security then they will
> require activation. Otherwise they will have to manually add the ak
> tag.
>
> b. with ak tag -> security enabled, no activation will be required.
> So if someone wants activation they will have to manually delete
> the tag.
I insist on b) in order to prevent inadvertent "bricking" of laptops by
typing "enable-security", but that is sadly insufficient, as enabling
security on a laptop simply running an unsigned build will also "brick"
it. In the former case (b), it is possible to install and boot a signed
(OLPC) build, but reverting to the original (unsigned) build will still
require a developer key.
Is there anything we can do ?
Should we care ? I just proved that it is possible for any kid in Peru
to slag their laptop by simply typing "sudo rm -rf /*" in a terminal
window, a similar feat of child-like naivete. But at least in the
security disabled case, this simply requires reflashing the NAND,
whereas re-disabling security is more difficult in cases where the
security infrastructure was never supported in the first place.
Comments ? Suggestions ?
wad