[OLPC Security] Grey Markets: differentiation of legitimately purchased laptops

Carl-Daniel Hailfinger c-d.hailfinger.devel.2006 at gmx.net
Mon Oct 15 20:12:51 EDT 2007 

[side note: I did not receive the messages from C. Scott Ananian or
Ka-Ping Yee via the list. Any change someone can bounce them to the list?
Mike: Your Reply-To header may have had undesired effects on some of the
people replying to you.]

On 16.10.2007 01:26, Mike C. Fletcher wrote:
> C. Scott Ananian wrote:
>   
>> On 10/15/07, Ka-Ping Yee <ping at zesty.ca> wrote:
>>   
>>     
>>> On Mon, 15 Oct 2007, C. Scott Ananian wrote:
>>>     
>>>       
>>>> I believe the current plan is to only sell G1G1 machines to countries
>>>> we are *not* targetting for actual deployment.  If you see an XO in
>>>> the USA, you're a friend of the project.  If you see an XO in an
>>>> adult's hands in Nigeria, you're a thief.
>>>>       
>>>>         
>>> But that's not the point.  The concern expressed at the security summit
>>> was that someone would steal a shipment of laptops intended for Nigeria
>>> in order to resell them at a profit in the United States.  It might
>>> even be profitable to buy or barter for laptops that have already been
>>> distributed, and ship them to the United States for resale.
>>>     
>>>       
>> First boot activation prevents this attack.
>>   
>>     
> Certainly not in total.  See other thread today on migratory fraud.  
> Consider also village-level corruption where the village (elders, school 
> principal) decides that selling the laptops along with their keys is 
> sufficiently profitable that they are willing to sell off the laptops 
> along with their activation keys and just keep quiet about them 
> disappearing.
>   

Besides that, if someone is willing to invest about one hour of work,
first boot activation probably can be circumvented.

> Faced with, for instance, $100 * 1000 students, many villages might very 
> well say "scr*w education" and sell off the units to throw a magnificent 
> party, to pay for an important retirement fund for the local war-lord, 
> or what have you.  Similarly if armed men are telling you to hand over 
> the shipment of laptops and all of the activation keys, and tell you 
> they will come back and kill you all if you ever report them stolen, you 
> will likely hand over the shipment and keep quiet.  As long as the 
> profit motive exists, you will have people try to exploit the resource.
>   
Fully agreed.

> The potential existence of signed images which allow for unlocking any 
> laptop (proposed for the country-level repair centres) means that with a 
> simple leak of those images, any stolen laptop becomes entirely 
> untraceable and thus valuable.  With that leak, a simple insertion of a 
> USB key makes any laptop resalable.  Even without those images, the leak 
> of a country's signing key would have the same effect.  Organised crime 
> could, without much difficulty, acquire country-level keys, if doing so 
> would open up millions of dollars in salable goods.
>   
Back in fall 2006, someone (Ivan?) said this will not happen.
I do agree with you, however.

> What we are suggesting here is a means to reduce the *motive* to steal 
> the laptops.  While first-boot activation erects another hurdle (and we 
> want that hurdle), we have potentially millions of dollars available for 
> determined thieves.  Having a physical difference in the laptop 
> introduces a per-unit cost to grey-marketeers, each laptop now has to be 
> physically altered with a reasonable degree of care to avoid being 
> easily spotted.
>
> If physical differentiation can be done with minimal impact, I would 
> *strongly* suggest that we do so.
>   

I looked at pricing for reasonably large hologram stickers with unique
serial numbers and they are in the cent range, so I don't see big
problems putting them on donor laptops.

Regards,
Carl-Daniel

More information about the Security mailing list