[OLPC Security] Anti-theft and Anti-Sale ideas for Nepal
Simson L. Garfinkel's Treo 700p
simsong at acm.org
Mon Feb 19 20:40:09 EST 2007
Well, let's just give up now and give all the children cell phones.
___
Sent with SnapperMail from my Treo. Please excuse brevity and typos.
www.snappermail.com
...... Original Message .......
On Tue, 20 Feb 2007 02:18:26 +0100 "Carl-Daniel Hailfinger"
<c-d.hailfinger.devel.2006 at gmx.net> wrote:
>Hi Simson,
>
>Simson L. Garfinkel's Treo 700p wrote:
>> On Mon, 19 Feb 2007 20:33:37 +0100 "Carl-Daniel Hailfinger" wrote:
>>> Because I have *physical* access to the hardware? Remember the people
who
>>> hacked the XBox? If the XBox can be hacked, do you really think we have
>>> the resources to prevent people from tampering with the hardware?
>>> Especially when it is as easy as reflashing the EEPROM
>>> (not a ROM!) and the SPI flash?
> ^^^NAND
>>
>> Care to describe the process?
>
>Of course. The EEPROM has to be flashed first because with an unlocked
>BIOS, you don't even have to bother with the other protection layers.
>Depending on your skills and the available equipment, you can solder
>a new preflashed SPI flash part on the board (~1$) or reprogram the
>existing one on board with a suitable programmer (<1 minute) or
>temporarily connect a preflashed LPC/FWH part to the board and boot
>from that. The new BIOS will boot from USB, run an autoreinstallation
>image and you're done.
>If you don't want to spend time and money soldering new EEPROMs on
>board and also don't have the money for a programmer, you can use
>another OLPC machine for that purpose, although that will take a
>few minutes more.
>
>Easy repair and recovery also mean easy removal of P_THEFT.
>Remember: attackers will never play by your rules.
>
>Regards,
>Carl-Daniel
>--
>http://www.hailfinger.org/
>
More information about the Security
mailing list