[OLPC Security] teasing apart the security problem into pieces

Jim Gettys jg at laptop.org
Sun Apr 9 17:24:04 EDT 2006


On Sun, 2006-04-09 at 15:07 -0400, Simson Garfinkel wrote:
> > For open source code, it is now very easy.  Thank you for reminding me
> > we should register laptop.org with the wonderful government people
> > (there is still a probably pointless registration requirement).  The
> > process got much easier 3 or 4 years ago.  Binaries are more of an
> > issue; but (someone correct me if I'm wrong), binaries created from
> > open source/free software are much easier than it once was, and can be
> > handled with some care.  Commercial requirements are higher.
> 
> I believe you are correct. The binary/source problem can be made
> irrelevant if your build system distributes source and then has
> people compile them, of course.

I think there may still be some pointless address blocking that has to
be done; or there was the last time I looked into it.  I can check with
Debian friends to find out what, if anything, they have to do with the
Debian archives now.

> 
> >
> > For example, Debian now ships strong crypto in main, and the following
> > link explains the situation and requirements different people must
> > meet.
> > http://www.debian.org/legal/cryptoinmain
> 
> All of the free Unix distributions now ship with strong crypto, I
> believe. As does MacOS and Windows. There is no longer any significant
> restriction on consumer operating systems.
> 
> >
> > Diffie Hellman and RSA patents have run out, so we certainly can use
> > public key crypto.
> 
> Yep. There are no restrictions.
> 
> >
> >>
> >> I think that it would make it easier to secure the laptop if the boot
> >> flash were hardware write protected.  If malware is able to write to
> >> the boot flash, it would be hard to clean up.
> >> Can we do this?  You could manually write enable it with a paperclip
> >> or JTAG device when necessary.
> >
> > We're planning to do something like this; it will require holding
> > down a certain set of keys on the keyboard before the boot flash can be
> > overwritten (and that flash has the code that enforces that; it is in
> > the embedded controller, rather than the CPU).
> 
> Nice design.  This is easier than adding another switch, I guess?

Yes, cheaper, and doesn't require getting in the box the way a jumper
would; holes through the wall of the "brick" are a way for water and dirt
to enter.

> 
> Presumably another funky set of keys will have my laptop copy the
> operating system from your laptop (but not the user code)?

TBD.  Though I'd more likely expect you'll be sitting at a busybox
shell, rather than magic key sequences.

-- 
Jim Gettys
One Laptop Per Child
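The boot-flash protection described in the thread (the embedded controller refuses to overwrite the boot flash unless a designated key combination is physically held) can be illustrated as a small firmware-style model. The C below is an added example, not OLPC code; the key mask, flash size and the `ec_*` names are constructed assumptions, and the point it makes is that the gate lives in the EC's own write path, so code running on the main CPU cannot bypass it, and every refused write is counted for later inspection.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical EC model (not OLPC's actual firmware). The EC owns the
 * boot flash; the CPU can only ask it to write, it cannot write directly. */

#define FLASH_SIZE      256u    /* constructed: toy boot-flash size in bytes */
#define KEY_COMBO_MASK  0x07u   /* constructed: three designated keys, bits 0-2 */

typedef struct {
    uint8_t  flash[FLASH_SIZE]; /* contents of the boot flash */
    uint8_t  keys_held;         /* bitmask of keys the EC's scanner sees down */
    unsigned rejected;          /* refused write requests, kept for auditing */
    unsigned accepted;          /* writes that went through */
} ec_state;

/* Power-on state: empty flash, no keys held, counters zeroed. */
void ec_init(ec_state *ec) {
    memset(ec, 0, sizeof *ec);
}

/* The EC's keyboard scanner updates which keys are physically held. */
void ec_scan_keys(ec_state *ec, uint8_t held_mask) {
    ec->keys_held = held_mask;
}

/* Physical presence = the full key combination is held right now.
 * A partial combination is not enough. */
bool ec_physical_presence(const ec_state *ec) {
    return (ec->keys_held & KEY_COMBO_MASK) == KEY_COMBO_MASK;
}

/* Write request from the CPU side. Returns true only if the write happened.
 * Order matters: the range check comes first so an out-of-bounds request is
 * refused even when the keys are held. */
bool ec_flash_write(ec_state *ec, size_t offset, const uint8_t *data, size_t len) {
    if (len > FLASH_SIZE || offset > FLASH_SIZE - len) {
        ec->rejected++;             /* would overrun the flash */
        return false;
    }
    if (!ec_physical_presence(ec)) {
        ec->rejected++;             /* no operator at the keyboard: refuse */
        return false;
    }
    memcpy(ec->flash + offset, data, len);
    ec->accepted++;
    return true;
}

/* Scenario: malware on the CPU asks for a write with no keys held, then an
 * operator holds the combination and the same request succeeds. Returns the
 * number of rejected requests seen, so the outcome can be checked. */
unsigned ec_demo(void) {
    ec_state ec;
    const uint8_t image[4] = {0xDE, 0xAD, 0xBE, 0xEF}; /* constructed payload */
    ec_init(&ec);
    ec_flash_write(&ec, 0, image, sizeof image);      /* refused: no keys */
    ec_scan_keys(&ec, 0x03);                          /* only two of three keys */
    ec_flash_write(&ec, 0, image, sizeof image);      /* refused: partial combo */
    ec_scan_keys(&ec, KEY_COMBO_MASK);                /* operator holds all three */
    ec_flash_write(&ec, 0, image, sizeof image);      /* accepted */
    return ec.rejected;
}
```

The audit counter is the detection hook: a laptop whose EC reports flash-write refusals while nobody was at the keyboard has something on the CPU side trying to reflash it, which is exactly the case the key-combination gate is meant to make visible rather than silent.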
