[OLPC Security] Anti-theft and Anti-Sale ideas for Nepal

Carl-Daniel Hailfinger c-d.hailfinger.devel.2006 at gmx.net
Mon Feb 19 20:18:26 EST 2007


Hi Simson,

Simson L. Garfinkel's Treo 700p wrote:
> On Mon, 19 Feb 2007 20:33:37 +0100 "Carl-Daniel Hailfinger" wrote:
>> Because I have *physical* access to the hardware? Remember the people who
>> hacked the XBox? If the XBox can be hacked, do you really think we have
>> the resources to prevent people from tampering with the hardware? 
>> Especially when it is as easy as reflashing the EEPROM
>> (not a ROM!) and the SPI flash?
                        ^^^NAND
> 
> Care to describe the process?

Of course. The EEPROM has to be flashed first because with an unlocked
BIOS, you don't even have to bother with the other protection layers.
Depending on your skills and the available equipment, you can solder
a new preflashed SPI flash part on the board (~1$) or reprogram the
existing one on board with a suitable programmer (<1 minute) or
temporarily connect a preflashed LPC/FWH part to the board and boot
from that. The new BIOS will boot from USB, run an autoreinstallation
image and you're done.
If you don't want to spend time and money soldering new EEPROMs on
board and also don't have the money for a programmer, you can use
another OLPC machine for that purpose, although that will take a
few minutes more.

Easy repair and recovery also mean easy removal of P_THEFT.
Remember: attackers will never play by your rules.

Regards,
Carl-Daniel
-- 
http://www.hailfinger.org/

