[email protected] said:
>> While we have your attention on this topic...
>> Do you not think that this is a security issue? In that a thief could
>> put a laptop on a network with rigged DNS and have control over the
>> time/date on the laptop?

> A sane security system would let the user control their local time, without
> jeopardizing security based on server (or "firmware") time.

That's hard to do if the user is root.

I'm far from a wizard in this area, but I think the key idea is that
there is only one RTC and there isn't any reasonable way for the
firmware to hide it from the OS. So if you let the user become root,
they can set the RTC back and keep using an old lease as long as they
can hide from the anti-theft server at boot time.

I think a thief could do useful work on a stolen XO as long as they are
willing to run with the clock set incorrectly (to bypass the firmware
boot-time checks) and they are smart enough to disable any non-firmware
security checks. They would have to avoid booting near an anti-theft
(school) server and/or hide behind a firewall that would filter it out.

Is there a good high-level description of how the current anti-theft
works?

I've found these:
  http://wiki.laptop.org/go/Antitheft_HowTo
  http://wiki.laptop.org/go/XS-activation
  http://wiki.laptop.org/go/OLPC_Bitfrost

The first two are full of commands to type to use the current
anti-theft setup, but there isn't much discussion of the big picture.

The Bitfrost doc was last edited in Feb 2007. I haven't found a
discussion of the set-the-clock-back case.

The Bitfrost doc describes an anti-theft daemon running on the XO at:
  http://wiki.laptop.org/go/OLPC_Bitfrost#P_THEFT:_anti-theft_protection

It also expects file protection for the critical parts of the OS as
described here:
  http://wiki.laptop.org/go/OLPC_Bitfrost#P_SF_CORE
Has that been implemented? If so, how, and where do I find more info?
I don't remember any discussion of that topic.

There is also discussion of maintaining a per-program view of the RTC
at:
  http://wiki.laptop.org/go/OLPC_Bitfrost#P_RTC:_real_time_clock_protection
I don't think that's been implemented either.

It's probably possible to make the anti-theft stuff significantly more
robust in this area.
I think it would be a lot of work. The two chunks of Bitfrost above
would be a good start. I'm not sure they are sufficient and/or there
may be simpler ways. Security is hard.

--
These are my opinions, not necessarily my employer's. I hate spam.
