[OLPC Security] Grey Markets: differentiation of legitimately purchased laptops

Mike C. Fletcher mcfletch at vrplumber.com
Mon Oct 15 21:09:54 EDT 2007


Carl-Daniel Hailfinger wrote:
> [side note: I did not receive the messages from C. Scott Ananian or
> Ka-Ping Yee via the list. Any chance someone can bounce them to the list?
> Mike: Your Reply-To header may have had undesired effects on some of the
> people replying to you.]
>   
Seems standard, not sure what I would change to make it more 
desirable... please advise off-list...

...
> Besides that, if someone is willing to invest about one hour of work,
> first boot activation probably can be circumvented.
>   
I gather this would be accomplished by opening the machine and using a 
chip programmer to flash the EEPROM?  It's been suggested as a vector of 
attack.  I would tend to agree that it's doable, not likely a threat 
from disorganised attackers, but could become one with organised attacks 
AFAICS.  All by itself the barrier probably isn't enough to dissuade a 
determined group, but with other effects it should at least introduce a 
bit of a deterrent.
...
>> The potential existence of signed images which allow for unlocking any 
>> laptop (proposed for the country-level repair centres) means that with a 
>> simple leak of those images, any stolen laptop becomes entirely 
>> untraceable and thus valuable.  With that leak, a simple insertion of a 
>> USB key makes any laptop resalable.  Even without those images, the leak 
>> of a country's signing key would have the same effect.  Organised crime 
>> could, without much difficulty, acquire country-level keys, if doing so 
>> would open up millions of dollars in salable goods.
>>   
>>     
> Back in fall 2006, someone (Ivan?) said this will not happen.
> I do agree with you, however.
>   
It's possible that there is some mechanism I'm not aware of which 
perfectly prevents all such leakage, but I'd be suspicious that any 
organised group with sufficient motive couldn't subvert someone with 
access to the key(s).  As you mention, chip reprogramming could also be 
done to get around that particular defense.

If you mean there will be no "signature removal" image available, that's 
quite possible (and likely desirable).  I seem to recall the idea being 
brought up on one of the lists in the last few days, but being countered 
with the idea of signed images that could accomplish one particular 
thing needed in the repair depots.
> I looked at pricing for reasonably large hologram stickers with unique
> serial numbers and they are in the cent range, so I don't see big
> problems putting them on donor laptops.
>   
Hologram stickers are produced en masse by organised pirates throughout 
the world.  The idea of having the colours on the lid be the 
differentiator means that the pirates have to sand down the plastic and 
replace it with similar plastic without damaging the plastic itself.  
Effort there is close to producing a new case (which would also be 
doable for a determined pirating effort, but would likely only be 
reasonable if the theft was far more widespread than seems likely).  As 
mentioned, making the "accent colour" (green) a different colour is 
probably the best approach, but we're almost certainly too far along to 
have that happen.

Merely painting over the plastic would tend to make it noticeably 
"altered", though I suppose there may be paints which could simulate the 
gloss of the plastic properly, which might suggest that using "white" 
would be a good colour (to make such painting harder to hide due to 
colour "shining through").

Take care,
Mike

-- 
________________________________________________
  Mike C. Fletcher
  Designer, VR Plumber, Coder
  http://www.vrplumber.com
  http://blog.vrplumber.com


