[OLPC Security] teasing apart the security problem into pieces

[Tim Flavin]

Jim said:
>So first, let's see if there are other questions that should be posed
>than the list that comes to my mind immediately.

It has been a long time since I have tried to understand the issues
relating to exporting security software, and it looks like some of the
interested OLPC countries are on the State Department's least favorite
countries list.  What are the limits on including encryption, and
authentication software?  Is there a problem with public key
encryption software?  Can we use public key algorithms for
authentication?

I think that it would make it easier to secure the laptop if the boot
flash were hardware write protected.  If malware is able to write to
the boot flash, it would be hard to clean up.
Can we do this?  You could manually write enable it with a paperclip
or JTAG device when necessary.


> are there ways in which we can exploit security technology to reduce
>the inevitable theft problem?

Probably.  Is there any information available on the Marvell 8388? 
Does it have a bit of room in its flash memory if any?  What is used
to store the MAC address?

Is the hardware budget for security features more than  $0.50?  Less?

I assume that we are not trying to defend against people who have some
technical capabilities and can mess with the insides of the laptop. 
Is this true?

I think that a most of the answers to the privacy and access questions
is that we provide the tools to enable them but that the local
governments (on several levels) will decide on how they are used or if
they are removed.

Tim