On 9/1/06, Ivan Krstić <[EMAIL PROTECTED]> wrote:
Following further discussion within OLPC and consultation with some very smart, well-known security folks on the outside to triple-check my thinking (they were all fully satisfied), I've concluded that the benefits convincingly outweigh the cons for us, and have requested that the EC changes I proposed are implemented.
My understanding from the discussion on-list (Jim Getty's email) meant using the "belt and suspenders" approach. Meaning, signed bios but also holding down a key to update the BIOS. That would be sufficient to stop mass update. Did I read that wrong or did the decision change? Is there a requirements or design specification somewhere I can take a look at where decisions like are recorded or does it just go into the bug tracker? -- John.
_______________________________________________ Devel mailing list Devel@laptop.org http://mailman.laptop.org/mailman/listinfo/devel