[Server-devel] physical security of the XS and XO-as-XS

Martin Langhoff martin.langhoff at gmail.com
Sat Oct 11 17:56:10 EDT 2008


[Note: this is a resend - with some better editing - the earlier email
got sent prematurely...]

On Sun, Oct 12, 2008 at 3:43 AM, Bryan Berry <bryan.berry at gmail.com> wrote:
> 2) IMHO using
> the XO as XS is not a good idea.

Nothing explains in your post why it's a bad idea. If you are going to
setup a "safe" cabinet of some sort for the server, it's not very
different to make an XO safe from making a tower pc safe.

Your points about other bits of infra are very valuable. Cable theft,
antenna theft are also important. Interstingly, _deployment countries_
are asking us whether the XOs can be used in the XS role. People on
the ground there are asking for it.

I see some reasons for this:

 - Procurement process is complex. Once they have the govt OK to get
XOs, it's relatively easier to request extra XOs for the role. Getting
other hw for the XS can take months if not years.

 - Very few hw makers are offering machines that are solid state,
heat/dust/humidity resistant. The XO has all of that and is cheap. The
few hw makers I've seen offering similar features are rather
expensive.

> Additionally, I am convinced that school administrators would see the
> XO-as-XS as a spare XO and distribute to kids who don't have XO's at
> their school or take it home to their own child.

It won't even boot to Sugar, and user education call take a part here
-- I don't think the confusion will last very long.

You may not want it for the Nepal deployment, but we cannot argue with
the fact that there is intense interest.

There are also other use cases where it's useful to be able to run the
XS sw on an XO - for example, the warehouse scenarios where you take 1
XO and use it as the server that will update all the other XOs.

The issue of theft is real, but is not limited to the XO hw -- and in
fact, a normal tower pc is in some cases more desirable - as it's a
general purpose machine. Uruguay has -- I believe -- done some
interesting work in securing their school servers, though I don't know
the details.

This is work that needs to happen for a long list of reasons. Within
the constraints we have, I aim for flexibility: give the local teams a
range of options, and this is a _very_ valuable one, one that is
within reach now that a vanilla Fedora boots on the XO.

cheers,



m
--
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff  - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff



-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff  - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff


More information about the Server-devel mailing list