[OLPC Security] Some anti-theft questions

Benjamin M. Schwartz bmschwar at fas.harvard.edu
Tue Jan 22 14:36:39 EST 2008


On Tue, 2008-01-22 at 09:12 -1000, Tim Newsham wrote:
> What about with an external NTP server?

NTP stands for Network Time Protocol, and is a software system for
synchronizing clocks over the internet (or a LAN).  The phrase "external
NTP server" is a non-sequitur.

However, you raise an interesting point.  Suppose there is no network
access.  If the RTC's date can be changed, with direct hardware access,
then this would break the date-based security.  However, this is only
relevant if changing the date is _easier_ than reflashing the firmware,
since a non-secure firmware can deactivate the anti-theft system
entirely.

One easy way to change the RTC date is to remove the watch-battery that
powers it.  I am curious what the intended behavior is in the case of
watch-battery failure, since this is known to be a common hardware
failure mode (the lifetime failure rate is 100%!).

One way to sidestep this issue would be to base the deactivation on both
date and total uptime.  If the OS were set to increment a counter in the
filesystem every hour, then this would provide an independent lower
bound on the time since the last lease, without depending on the RTC
date.

--Ben
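
The date-plus-uptime check proposed in the last paragraph above, as an added example (not code from the original message or from OLPC). The `Lease` fields, the function names, the timestamps and the RTC reading of 0 after battery removal are all assumptions made for illustration.

```python
from dataclasses import dataclass

HOUR = 3600                 # seconds
ISSUED = 1_200_000_000      # constructed sample: RTC time when the lease was granted

@dataclass
class Lease:
    issued_at: int          # RTC time (Unix seconds) at lease grant
    duration_hours: int     # how long the lease is valid
    uptime_hours: int = 0   # counter the OS would persist in the filesystem

def tick(lease: Lease) -> None:
    """Run once per hour of uptime (hypothetical hourly job)."""
    lease.uptime_hours += 1

def rtc_rolled_back(lease: Lease, rtc_now: int) -> bool:
    """True when the RTC reads earlier than the lease grant, e.g. after a reset."""
    return rtc_now < lease.issued_at

def elapsed_lower_bound(lease: Lease, rtc_now: int) -> int:
    """Hours since the lease was granted, taking whichever source reports more."""
    rtc_hours = (rtc_now - lease.issued_at) // HOUR
    # A rolled-back RTC gives a negative value; the uptime counter then
    # supplies the bound independently of the RTC date.
    return max(rtc_hours, lease.uptime_hours, 0)

def lease_expired(lease: Lease, rtc_now: int) -> bool:
    return elapsed_lower_bound(lease, rtc_now) >= lease.duration_hours

def simulate(duration_hours: int, hours_running: int, rtc_now: int) -> bool:
    """Grant a lease, run for hours_running hours, then check it against rtc_now."""
    lease = Lease(ISSUED, duration_hours)
    for _ in range(hours_running):
        tick(lease)
    return lease_expired(lease, rtc_now)

if __name__ == "__main__":
    # 30-day lease, RTC reset to 0 (assumed reading after battery removal)
    print(simulate(720, 800, 0))   # counter alone expires the lease
    print(simulate(720, 100, 0))   # counter has not yet reached the lease length
```

With the RTC reset, hours spent powered off are not counted, so the counter gives only a lower bound on elapsed time, as the message says.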


