[OLPC Security] Anti-theft and Anti-Sale ideas for Nepal

Simson Garfinkel simsong at acm.org
Sun Feb 18 20:07:46 EST 2007


Bipin,

Thanks for explaining this. So your real issue is that there will be  
schools that do not have a school server.

In a case such as this, the authentication server can easily be run  
on the teacher's laptop. I believe that the spec makes this clear. If  
it doesn't, it will.

One serious risk that we wish to avoid is an attacker who steals all  
of the laptops that are destined for a school --- that is, they steal  
the shipment en route. The anti-theft system is specifically designed  
to address this risk.

Peer-to-Peer systems have considerable complexity. I don't think that  
we need or want that complexity in the anti-theft system.




On Feb 18, 2007, at 8:03 PM, Bipin Gautam wrote:

> On 2/19/07, Simson Garfinkel <simsong at acm.org> wrote:
>> Hi, Bipin.
>>
>> I do not understand your interest in the P2P idea. When you say P2P,
>> what do you actually mean?
>>
>> The laptops have a mesh network which routes IP protocol. Given
>> access to the mesh, any centralized system based on the school
>> servers is easy to implement. What do you think is added by having a
>> distributed application running on untrusted laptops?
>>
>>
>>
> Dear Simson,
> As long as the P_THIEF signatures will be cryptographically signed (say
> an update executable with digital certificate) I don't think the
> untrusted laptops (or network) will pose any problem. Integrity of
> signatures can always be verified or else discarded.
>
> I understand your concerns about "any centralized system based on the
> school servers is easy to implement." That's why I at second thought
> said instead of internet it would be better to enforce the mechanism
> through village server (or school server). But we have schools at
> remote places with JUST classroom and a common room for teachers etc.
> School server mechanism might add extra burden technically and as a
> work load. We might want to make the process as automated and as
> unattended as possible so that few people can look after larger
> population of XO.
>
> I'm sure Bryan has something more to elaborate/comment about ;)
> -bipin
>


