[OLPC Security] G1G1: Security, to enable or disable...

C. Scott Ananian cscott at cscott.net
Wed Jun 4 21:48:36 EDT 2008


On Wed, Jun 4, 2008 at 12:15 AM, Paul Fox <pgf at foxharp.boston.ma.us> wrote:
> SJ wrote:
>  > I continue to be uncomfortable that we are sending out restricted /
>  > locked-down machines without a clear need.  The arguments made so far for
>  > this are
>  >
>  >  1. "Getting G1G1 people to test security steps"
>  >  2. "Protecting G1G1 donors from installing anything but signed builds"
>  >  3. "Showing a pretty boot screen"
>  >
>  > 3. represents a bug that should be fixed.  Tying pretty boot to
>  > machine-lockdown is arbitrary.
>
> agreed.  as a G1G1 owner i wanted to see the boot messages quite
> a long time before i needed or wanted a dev key.

http://wiki.laptop.org/go/Cheat_codes

the 'check' key is what you are looking for.

>  > 1.  is an interesting argument.  As with 2, it would still
>  > hold if recipients were actively encouraged to get developers
>  > keys if they have any interest in having full control of their
>  > machines (indeed you could say that we would have a much
>  > better test of the dev-key acquisition process, which
>  > currently works more clearly in large batches for countries
>  > than for individuals).
>
> i would have thought G1G1 proved that dev-key acquisition works
> just fine.

That's my hope.  Shipping G1G1 with security enabled forced us to
properly prioritize bugs with dev key request/fulfillment, and to
build tools to make requesting a dev key easy.  That was a success,
from my perspective.

I'd like to be able to offer the same antitheft protection we will be
trying to offer Uruguay to G1G1 users as well, on a voluntary basis,
and roughly the same reasoning.  If something goes wrong or it doesn't
work like it should, G1G1 users are communicative and English-literate
canaries in the coal mine.  And diagnosing and fixing the problem is
much easier for G1G1 than it is for some small village in Uruguay a
week's walk from anything.

But again, my perspective is warped by having to write this code and
be confident in its correctness.  I want as much help as I can get.
 --scott

-- 
                         ( http://cscott.net/ )

