| |||||||||||||
Bitfrost: the OLPC security modelBitfrost: the OLPC security modelPosted Feb 8, 2007 14:13 UTC (Thu) by NAR (subscriber, #1313)In reply to: Bitfrost: the OLPC security model by drag Parent article: Bitfrost: the OLPC security model There is absolutely no requirement in the GPLv3 for developers to release any private keys, they just have to provide the ability to allow users to run modified code with no loss in functionality if the original makers themselves can do so also. So the developers would have to give me a key, which enables me to run the modified code - even if the modification means that I've removed the anti-theft features like the "calling home" thing. Which would brake the whole anti-theft concept. Or is there something I'm missing?
(Log in to post comments)
Bitfrost: the OLPC security model Posted Feb 8, 2007 16:07 UTC (Thu) by nix (subscriber, #2304) [Link] I see what you mean: what stops thieves contacting the developers and asking for a developer's key? (Equally, what stops crooked bureaucrats diverting the identity USB keys at the same time as they divert a bunch of laptops?)
Bitfrost: the OLPC security model Posted Feb 8, 2007 16:11 UTC (Thu) by corbet (editor, #1) [Link] There is a delay built into the developer key mechanism; if the laptop is reported stolen during the wait, no key is issued.
Bitfrost: the OLPC security model Posted Feb 8, 2007 23:03 UTC (Thu) by drag (subscriber, #31333) [Link] Also I presume that they would take steps to confirm your identity so that they are issuing a key to a laptop to the person that is actually suppose to have the laptop. (I don't think 'theft' would constitute 'distribution' under the GPL)
Sort of like how if you work in a corporate setting and somebody calls you up asking for (or to reset and replace) a password they 'forgot' you would want to take a bit of time to try to confirm the identity of the person on the other side of the phone before issuing the password.
|
|||||||||||||