[OLPC Security] Anti-theft and Anti-Sale ideas for Nepal
Karl O. Pinc
kop at meme.com
Mon Feb 19 11:27:30 EST 2007
On 02/19/2007 09:33:31 AM, Bipin Gautam wrote:
> Offtopic: I was reading Bitfrost specification discussion in the
> wiki... The discussion says kernel/firmware modification or for
> installing new OS would require a REQUEST for uniq-developer key for
> the specific laptop. Do note the fact we are still unclear about the
> process of aquiring developers key and where should the key be entered
> for authority before XO allows firmware upgrade or installing another
> OS. Now consider this situation...
>
> Suppose i request for a developer key making some cunning reasons (or
> is it automated?) I wait 21 days for the key to arrive. Then I wipe
> out the OS and have a firmware upgrade of BIOS with the DEVELOPER-KEY.
> Then Install a NEW OS and sell the laptop. In this case what is
> stoping me from selling the laptop?
Nothing stops someone with the developer key from doing anything
they want to with the laptop. That is the point of the developer key,
the developer key allows the laptop owner to do anything at all
with the computer. It is the essential component which empowers
the computer's owner. The developer key means that the child
has control over the computer, rather than the computer having
control over the child's computing activities.
It is a question of where you place trust. OLPC chooses
to trust the child, should she request complete
control of her computer. In my opinion there is no alternative.
Any other choice is disrespectful in the extreme.
Presumeably developer key for a laptop will be given by OLPC
only to the owner of that laptop. There may be abuses
in individual cases but because developer keys are granted
on an individual basis the potential for wholesale corruption
is limited.
Karl <kop at meme.com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
More information about the Security
mailing list