[Openec] fail-safe startup code?

Frieder Ferlemann frieder.ferlemann at web.de
Thu Aug 16 02:31:03 EDT 2007


Hi Ivan,

Ivan Krstić wrote:
> On Aug 6, 2007, at 5:35 PM, Frieder Ferlemann wrote:
>> It eventually is possible that the kb3700 would also
>> (cryptographically hard) check the image it downloads.
>> Clearing memory first, then flashing the image as it
>
> IIRC the kb3700 is way too slow even for small sigs. Once OpenEC is
> considered production code, we can allow it to be installed by virtue of
> the existing (crypto-signed) OFW update mechanism, although I'm not sure
> that we currently allow the EC code to be rewritten at all.


It probably won't be able to reasonably deal with public key signatures, yes.


Something within reach would be to check against a single AES key.

So if OFW had been corrupted, the kb3700 could flash the OFW image
which matches exactly this key.

If we wanted to go fancy, this image could be transferred via the
one-wire bus. So no need to open the case and attach an RS232 adapter.
Using the one-wire bus eventually has patent implications with Maxim-Dallas.

Greetings,

Frieder

