On Tue, Mar 15, 2011 at 12:35:06AM -0700, Thomas Lord wrote:
> Jonas:
>
> > I want activation to be possible even in a somewhat hostile environment.
>
> This is a really great answer and so thanks, Jonas .... but...

[arguments for and emphasis on cutting time short snipped]

> So I don't care for that short a time frame about
> booting in the most hostile environments because I'm
> pretty sure I can't ship any of the hardware to
> such environments never mind support the software there
> just yet.

I totally agree with not aiming for military grade robustness - that's why I did not myself write "most hostile" but "somewhat hostile".

If you want to launch 500 boxes, it is large enough to be likely to reach someone trying to see if it is easy to do a "man-in-the-middle" attack during the personalization design process. Perhaps even so easy that a news reporter might find it exciting to write a story about.

Bad, really bad.

> what's the "faster cheaper better" solution we can roll out in 11 months?

The solution containing fewer features. Not the one with sloppy personalization handling.

That latter one is called an early beta, not a production release! And even then remember how Diaspora got beaten with their _ALPHA_ release which contained insecure design!


 - Jonas

--
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


_______________________________________________
Freedombox-discuss mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss
