[Server-devel] xs-otp: one time passwords for the XS

Bill Bogstad bogstad at pobox.com
Sun Oct 26 18:10:46 EDT 2008


On Sun, Oct 26, 2008 at 12:01 PM, Martin Langhoff
<martin.langhoff at gmail.com> wrote:
> On Sun, Oct 26, 2008 at 4:52 PM, Michael Stone <michael at laptop.org> wrote:
>>> "Physical security is not our problem"... (at least yet).
>>
>> Still sure that you want the XS to be involved in the theft-deterrence
>> protocol? :)
>
>...
> but I'm not aware of any scheme *without* something like bitfrost that
> has a reasonable cost-benefit (or complexity-benefit) ratio.

Here's a crazy implementation idea for adding pre-boot security code
to ANY standard PC platform.   Build a basic PCI hardware 'device'
card with little more then ROM.  When a standard BIOS detects device
card ROM, it executes it before even attempting to boot the computer.
Glue these cards into a slot in any computer on which you want special
pre-boot security...

Note: I have no idea what ROM services are available to device ROMs.
For example, can a device ROM call into the BIOS to do disk IO at this
point in the boot process?  Is there anything that such a card could
usefully do with nothing more then its code.  What if you add a small
amount of battery backed CMOS and an
onboard clock chip to the card?

Bill Bogstad


More information about the Server-devel mailing list