[OLPC Security] Securing the laptop: First pass for some basics.
tim.flavin at gmail.com
Tue May 16 15:49:23 EDT 2006
There hasn't been much activity on this list, so I will try
to start discussion on one aspect of security, securing
the laptop from malware. Jim Gettys and others talked
about many of these points before, I am mostly organizing
and expanding on them.
To ensure that the laptop is free of malware, the kernel
and most other files should be protected by something
similar to Tripwire or AIDE. Instead of generating
cryptographic checksums from the files on the laptop,
the checksums would be contained in files cryptographically
signed by the school districts and schools. Students
would be able to load and execute unsigned software, even
the kernel, but it would be flagged and possibly removed
when anti-malware software is run. Some or all of the
verification will be optional so that the laptop will boot
relatively quickly. Once a week or so, and whenever things
don't look right, a full verification can be done to check
the system's integrity. A side benefit of the integrity
check would be recovery from accidental misconfiguration.
Replacing all files flagged by the integrity check could
guarantee a functional laptop.
There would be a hierarchy of signatures and signed
files. Revoking the highest level signature would
require updating the BIOS in the laptop. Revoking other
signatures would only require updating files on the laptop.
The depth of the hierarchy would have to be limited due
to the fact that verifying signatures is computationally
intensive for a power limited laptop running at 400 MHz.
> There is no way to directly write the boot rom from the geode, as I
> understand our hardware design.
The boot ROM is assumed to be free from malware. Although
someone with physical access to the laptop can reprogram
the boot ROM, malware executing on the laptop can't
compromise the boot ROM. (If this is not true, we may
have a problem.)
The boot ROM contains a small Linux kernel that, at a
minimum, can load the fully functional kernel from either
the laptop's internal flash disk or a USB flash disk.
If there is room in the boot ROM, the boot kernel will be
able to load a kernel over Wi-Fi or other media. Before
running the new kernel, the boot kernel will verify its
signature. (The actual verification will probably be done
by a program run from initrd which, for this discussion
is treated as part of the kernel.)
The fully functional kernel will normally be loaded from
the internal flash disk. It will be able to verify the
rest of the system.
The kernel that boots from the USB flash drive would be
used if the kernel in the internal flash drive was not
usable. It can reload files that are corrupted or missing.
It can also reformat and reload the internal flash drive.
In order to securely update the system, a new signed
signature file would accompany any updates. The new
signature file would replace the old one, and any files
with differing signatures would be replaced. The signature
files would be dated and the person doing the update would
have to verify that the date was reasonable to prevent
updates to old versions with known security problems.
Alternately the signature files could have serial numbers
and the update software would refuse to update to an older
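The signed checksum manifest described earlier and the serial-numbered
update check described in this paragraph fit together in one small
verifier. The code below is an added example, not code from the original
post or from the OLPC project. It assumes a JSON manifest carrying a
serial number and a SHA-256 digest per file, and it stands in for the
district's public-key signature with an HMAC over a constructed key
(the Python standard library has no public-key signing); on a real
laptop the verifier would hold only the district's public key. The file
tree and the tampering scenario in demo() are constructed for the run.

```python
"""Signed integrity manifest check with anti-rollback (added example)."""
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

# STAND-IN for the district's signature: the post calls for manifests
# signed with a key the laptop can only verify, not forge. This constructed
# HMAC key exercises the same accept/reject logic in a stdlib-only example.
SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"


def file_digest(path):
    """SHA-256 of a file, read in chunks so large images do not load at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root, serial):
    """What the district would sign: a serial number plus a digest per file."""
    root = Path(root)
    files = {p.relative_to(root).as_posix(): file_digest(p)
             for p in sorted(root.rglob("*")) if p.is_file()}
    body = json.dumps({"serial": serial, "files": files}, sort_keys=True)
    sig = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


def verify_manifest(manifest, installed_serial):
    """Reject a manifest with a bad signature or a serial older than installed."""
    expected = hmac.new(SIGNING_KEY, manifest["body"].encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["sig"]):
        raise ValueError("manifest signature invalid")
    parsed = json.loads(manifest["body"])
    if parsed["serial"] < installed_serial:
        raise ValueError("manifest serial %d is older than installed %d"
                         % (parsed["serial"], installed_serial))
    return parsed


def check_integrity(root, manifest, installed_serial):
    """Return (flagged, missing, unsigned) file lists relative to the manifest."""
    parsed = verify_manifest(manifest, installed_serial)
    root = Path(root)
    flagged, missing = [], []
    for rel, digest in parsed["files"].items():
        p = root / rel
        if not p.is_file():
            missing.append(rel)          # candidate for reload from signed media
        elif file_digest(p) != digest:
            flagged.append(rel)          # modified: replace at next full check
    signed = set(parsed["files"])
    unsigned = [p.relative_to(root).as_posix() for p in sorted(root.rglob("*"))
                if p.is_file() and p.relative_to(root).as_posix() not in signed]
    return sorted(flagged), sorted(missing), unsigned


def rejects(manifest, installed_serial):
    """True if verify_manifest refuses the manifest."""
    try:
        verify_manifest(manifest, installed_serial)
    except ValueError:
        return True
    return False


def demo():
    """Constructed scenario: sign a small tree, tamper with it, run the check."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "boot").mkdir()
        (root / "boot" / "vmlinuz").write_bytes(b"kernel image v1")
        (root / "bin").mkdir()
        (root / "bin" / "sh").write_bytes(b"shell")
        manifest = build_manifest(root, serial=5)
        clean = check_integrity(root, manifest, installed_serial=5)
        # Simulated damage: kernel modified, a file removed, an unsigned binary added.
        (root / "boot" / "vmlinuz").write_bytes(b"kernel image modified")
        (root / "bin" / "sh").unlink()
        (root / "bin" / "extra").write_bytes(b"unsigned program")
        dirty = check_integrity(root, manifest, installed_serial=5)
        # Editing the body breaks the signature; an older serial is a rollback.
        forged = dict(manifest,
                      body=manifest["body"].replace('"serial": 5', '"serial": 9'))
        return clean, dirty, rejects(forged, 5), rejects(manifest, 6)


if __name__ == "__main__":
    print(demo())
```

The serial comparison runs before any file is hashed, so a downgraded
manifest never gets to mark current files as "wrong"; the unsigned list
is what the post's weekly full check would flag for review or removal.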
Programs like Firefox, that interact with the net,
will require special measures. Either they will run in
a chroot jail, or SELinux features can be used to limit
them to reading and writing very specific sets of files
and directories. Although SELinux is more complicated,
it is probably the best way to go.
More information about the Security