defending against evil in all layers of hardware and software
Jonathan Thornburg
J.Thornburg at soton.ac.uk
Tue Apr 29 13:49:30 EDT 2008
On Tue, 29 Apr 2008, Ivan KrstiÄ~G wrote:
> On Apr 28, 2008, at 12:58 PM, John Denker wrote:
> > Of course we should insist on an open-source boot ROM code:
> > The boot ROM should check the pgp signature of each PCI card's
> > BIOS code before letting it get control. And then it should
> > check the pgp signature of the operating system before booting
> > it. I don't know of any machine that actually does this
>
>
> The OLPC XO-1 laptop has an open-source bootloader (Open Firmware) which
> checks the operating system signature before passing control to it.
If the bootloader is running on malicious hardware I don't think that
test can be trusted. :(
-- Jonathan Thornburg (remove -animal to reply) <J.Thornburg at soton.ac-zebra.uk>
School of Mathematics, U of Southampton, England
"C++ is to programming as sex is to reproduction. Better ways might
technically exist but they're not nearly as much fun." -- Nikolai Irgens
More information about the cryptography
mailing list