[OLPC Security] teasing apart the security problem into pieces
Jim Gettys
jg at laptop.org
Sun Apr 9 17:24:04 EDT 2006
On Sun, 2006-04-09 at 15:07 -0400, Simson Garfinkel wrote:
> > For open source code, it is now very easy. Thank you for reminding me
> > we should register laptop.org with the wonderful government people
> > (there is still a probably pointless registration requirement). The
> > process got much easier 3 or 4 years ago. Binaries are more of an
> > issue; but (someone correct me if I'm wrong), binaries created from
> > open source/free software are much easier than it once was, and can be
> > handled with some care. Commercial requirements are higher.
>
> I believe you are correct. The binary/source problem can be made
> irrelevant if your build system distributes source and then has
> people compile them, of course.
I think there may still be some pointless address blocking that has to
be done; or there was the last time I looked into it. I can check with
Debian friends to find out what, if anything, they have to do with the
Debian archives now.
>
> >
> > For example, Debian now ships strong crypto in main, and the following
> > link explains the situation and requirements different people must
> > meet.
> > http://www.debian.org/legal/cryptoinmain
>
> All of the free Unix distributions now ship with strong crypto, I
> believe. As does MacOS and Windows. There is no longer any significant
> restriction on consumer operating systems.
>
> >
> > Diffie Hellman and RSA patents have run out, so we certainly can use
> > public key crypto.
>
> Yep. There are no restrictions.
>
> >
> >>
> >> I think that it would make it easier to secure the laptop if the boot
> >> flash were hardware write protected. If malware is able to write to
> >> the boot flash, it would be hard to clean up.
> >> Can we do this? You could manually write enable it with a paperclip
> >> or JTAG device when necessary.
> >
> > We're planning to do something like this; it will require holding down a
> > certain set of keys on the keyboard before the boot flash can be
> > overwritten (and that flash has the code that enforces that; it is in
> > the embedded controller, rather than the CPU).
>
> Nice design. This is easier than adding another switch, I guess?
Yes, cheaper, and doesn't require getting in the box the way a jumper
would; holes through the wall of the "brick" are a way for water and dirt
to enter.
>
> Presumably another funky set of keys will have my laptop copy the
> operating system from your laptop (but not the user code)?
TBD. Though I'd more likely expect you'll be sitting at a busybox
shell, rather than magic key sequences.
--
Jim Gettys
One Laptop Per Child