The OLPC and BIOS upgrades
Posted Aug 31, 2006 17:10 UTC (Thu) by iabervon
In reply to: The OLPC and BIOS upgrades
Parent article: The OLPC and BIOS upgrades
If nothing else, just about any device will get broken if power runs out halfway through replacing the BIOS; unless there's twice as much storage for the BIOS, there can't be either complete image on the system. So you at least need some way to recover from this.
Personally, I think the best idea is to have a ROM bootloader, capable of flashing the BIOS from a USB device or from a ROM original if the system is powered up with some arrangement that's hard to do accidentally. You can't replace the bootloader, but you shouldn't need to, because it doesn't do anything other that replace the BIOS or start running it. It should probably also be possible to replace the BIOS if the current BIOS permits it (generally, if the new image is signed by a key known to the existing BIOS). With this scheme, the user always has the ultimate control, able to do whatever with a USB device and physical access; the nation can preconfigure the machines with their own images, and can mass-update machines if it has set this up (and the machines are still using their BIOS). So there is the potential for a bricking or backdoor virus, but physical access is sufficient to recover from this situation. Users can hack on the BIOS, but the mechanism they use to change it is not easy to subvert, since it requires external storage and out-of-band actions (e.g., removing the battery). Of course, BIOS developers would add their own key to their own BIOS, and be able to update it easily, but these users will be harder to fool.
to post comments)