[OLPC Security] Some anti-theft questions
Benjamin M. Schwartz
bmschwar at fas.harvard.edu
Tue Jan 22 14:36:39 EST 2008
On Tue, 2008-01-22 at 09:12 -1000, Tim Newsham wrote:
> What about with an external NTP server?
NTP stands for Network Time Protocol, and is a software system for
synchronizing clocks over the internet (or a LAN). The phrase "external
NTP server" is a non-sequitur.
However, you raise an interesting point. Suppose there is no network
access. If the RTC's date can be changed, with direct hardware access,
then this would break the date-based security. However, this is only
relevant if changing the date is _easier_ than reflashing the firmware,
since a non-secure firmware can deactivate the anti-theft system
entirely.
One easy way to change the RTC date is to remove the watch-battery that
powers it. I am curious what the intended behavior is in the case of
watch-battery failure, since this is known to be a common hardware
failure mode (the lifetime failure rate is 100%!).
One way to sidestep this issue would be to base the deactivation on both
date and total uptime. If the OS were set to increment a counter in the
filesystem every hour, then this would provide an independent lower
bound on the time since the last lease, without depending on the RTC
date.
--Ben
More information about the Security
mailing list