Ivan Krstić wrote:
> Carl-Daniel Hailfinger wrote:
>> And it fully automates bricking of thousands of machines if the key
>> is ever compromised.
>
> If 3 separately kept private keys, two of which will live in a bank
> vault, are compromised.

The keys in the bank vault will have to be used outside of the bank vault for every BIOS update the OLPC project issues. And if the countries in which the machines are to be deployed want the ability to change the BIOS without OLPC approval (which may well be the case) you have to add three additional keys which will be kept under unknown conditions. If countries with autonomous regions (like Spain) are ever going to participate in an OLPC rollout, the autonomous regions are likely to demand an additional three keys as well.

>> Flashing a new BIOS against the will of the user
>> is *evil* (and generates quite a lot of bad publicity if you look at
>> the Playstation Portable forced firmware upgrades).
>
> I'm not familiar with these (I'll read up on them), but I imagine they
> change actual user-visible system functionality in some way? That's not
> what any of our BIOS upgrades will do.

They fixed security holes (good) and made it impossible to run your own software on it (bad). A few other user-visible changes were there as well.
Our BIOS updates will fix security holes (good) and ....

This leads me to another question: Will the final board revision still have a place where someone can solder on a PLCC socket and will the EC code still have the feature to boot from PLCC ROM if one is plugged in?

Regards,
Carl-Daniel
-- 
http://www.hailfinger.org/
