Removing RTC from Theft-Deterrence
C. Scott Ananian
cscott at laptop.org
Wed Jul 7 17:06:34 EDT 2010
On Wed, Jul 7, 2010 at 4:01 PM, C. Scott Ananian <cscott at laptop.org> wrote:
> * Updating exactly every hour is vulnerable to an attacker who
> arranges to remove the battery from the machine exactly 55 minutes
> after power on, every time. This is still quite awkward, but to avoid
> even this attack, the EC can pseudo-randomly decide exactly when to
> update the EC based on a random seed passed in from OFW from the
> Geode's HWRNG, with an *average* interval of an hour. We probably
> don't have to perform this extra trickery if we just shorten the
> interval to 6 minutes or so, but the means that the EC's EEPROM will
> wear out at the end of the 5 year service life of the machine. We can
> probably detect this condition (EEPROM no longer writes reliably) and
> just disable passive kill security at this point, though, which might
> be nice for freedom-loving reasons.
2010 thoughts: I like the idea of pseudo-random updates. Having a
uniform 1/60 probability of update every minute makes powering off as
a circumvention mechanism pointless, while reducing EEPROM writes. A
very simple linear feedback shift register for generating
pseudo-random bits would be sufficient, since the inputs and outputs
of the system are hidden.
--scott
--
( http://cscott.net/ )
More information about the Devel
mailing list