Richard et al, (I am passing this to the education list... because it is a mix of tech issues with issues related to the general policy about the XOs / and OLPC).
I agree with the level of security that you are talking about. And I understand what are your concerns (some of them are valid for Peru, some of them are valid for big cities, some of them are valid for very small cities). But reading your message something came to my mind... (oh my God.. here we go!) As far as I understand the XOs will be given to the kids as property (I hope so... if not then we are "feeding" the dominance status quo of the government / top social class / bureaucrat power / etc.. ... then that kind of happening would be part of the problem and not part of the solution). IF the XO is property of the child, and IF the XO has a security protection method (that is related / linked) to a validation on a school server (or any other protection method that requires that the kid get connected with this or that server)... then ... I ask myself... a) Are we creating a slavery chain ? The kid (who will become used to work with his laptop... example: he will get the cost of the potato in the wholesale market in Lima and then he will advise his father at what price he needs to sell in this or that time of the year...)... then when he gets 16 years old (according to what is normal in the Andes mountains) he gets married with young lady of the nearest town... so he will start a new family in different location... he will live in other town... so... he needs to do what ? a.1) Travel without his laptop. a.2) Give the laptop to other small kid. a.3) Get a bride on his own town!!! (smile) (well... the kid has the opportunity to "try" some brides... it is call "servinacuy"... if you don't like the bride (after living with her some months, you return her to her parents and you have other opportunities to "test" another bride... don't ask me how many... I don't know! This custome comes from the Inca's time and is used in the remote villages in the Andes, it is part of a party... by the way, ladies, don't get upset: the bride can refuse the boy after living with him for some months... so the "trial" period is good for both... that is all what I know... I am not an expert on the issue (my bad luck!). a.4) Forget the all powerful "door to the universe of knowledge" (XO+Internet) and start a new life a.5) Don't get married... bachelor life... (smile) a.6) Hack the security issues and get and independent XO laptop then he can travel all around the Andes and get WiFi connection wherever he is located (I hope that other XOServers will recognize it as "a brother from other town" and allow him to access the net... I hope so... is this a dream? Sorry if I am putting more tasks on the shoulders of the developer teams or if I am saying something that sounds weird...) a.7) Go to a repair center and get his laptop fixed to get ridd of any security issue. a.8) Return the XO to the school (no, please... don't tell me this is the chosen procedure... all your efforts will fail like a... ok... you say whatever you want... I will be prepared... God help us on this one, please). What about if the kid comes to a bigger city for getting better education? and... if the kid get a way to go to a university? (I would bet that is the only laptop that most of the kids will get in the next 30 years... or maybe in his whole life...)... if the kid's family move from one small village city to another one... what will happen with "his" XO and, better question, what will happen with his "relationship" with the XO ? (am I nuts? is possible to get a "relationship" with a machine? I don't know... let's ask... Hal... are you there?) Ok... I can imagine another possibilities... but you got the idea... what is the intended route that the XO will follow in the life of this kid? Are we teaching them how to surf and then, in a few years we will ask them to surf without a board? ok... if that is the panorama it is better to know it now. Are we creating the new "slaves of the XO"? or this is a gadget that they can forget in some years? I am sure that many people (inside OLPC) has talk about this before and I suspect that the answer is not an easy one. Letting the decision to the governments* is not a valid answer because, in one way or another ALL the governments are part of the domination pyramid that we (we?) are trying to subvert with knowledge, wisdom, opportunities and good will. Best regards, Javier Rodriguez Lima, Peru * I am speaking about the "governments" as a establishment, a layer, a level of public administration... not about the people that works for this or that government... many of us can work for a "government" and become part of a structure that is very tight. Some people can go beyond the structure and some not. Richard A. Smith wrote: > Carl-Daniel Hailfinger wrote: > > >> As I stated before on this list, bypassing P_THEFT is very easy. You >> don't even have to desolder the complete flash chip, one pin is >> sufficient. All of this is doable for less than $1 per laptop if you >> have access to cheap labor. $1 per laptop is _not_ expensive enough to >> be infeasible. I am very willing to publish a video tutorial of the >> procedure if you think I can't do that. The only downside would be that >> everybody then knows how to bypass P_THEFT. >> > > If you want to tell me your procedure in private I'll be happy to review > it for you. IMHO we actually do need people to challenge what we have > done. Tis' the only real way to know. > > I'm guessing the single pin you are referring the the flash write > protect pin? If so then I'll note thats actually not where the strongest > part of the link is. Very early on we also disable the ability to talk > to the io ports on the EC that make writing to the SPI flash possible. > Once they are disabled you can't talk to the EC anymore to re-enable > them. You have to reset the EC. So far we have not found a method that > circumvents that. Fire away. > > Please give us the chance to fix it first if you do find something. :) > > >>> Contrary to your claim, initial >>> activation security is being heavily deployed and does seem to be >>> successful. >>> >>> >> A statement of security is a nice theft deterrent. This may change once >> the bad guys realize circumvention is very doable. >> > > There's an upper bound on the usefulness of theft deterrent by > software/hardware means. If you intend to steal the laptops in bulk the > there's actually much more value in black marketing the parts rather > than the entire laptop as a laptop. If you found a good markets for the > display and the battery you could just throw the CPU board away or > desolder and resell WLAN module and the 1G nand flash chips. So there's > really not much point in making the security stronger than that threshold. > > Right now to bypass the theft deterrent requires disassembly and we > think thats sufficient. Sure, in mass it will be cheap but the people > who have the resources to setup shops to do it in mass are the same > people who will do it regardless of how fancy were are. > > Trying to reach that level of theft deterrent is a losing battle and > just not needed. All it would really do is frustrate the repair centers. > > _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel