[The content of this email was forwarded on request from Bill Arbaugh]
All,
Adam Agnew asked me to respond to the issues involving UPenn's patent based on my dissertation work.
If you've done any technical work at a university here in the US, then you know that the university where you are going to school (or working) owns your IP in most circumstances (not all, fortunately). As a result, the patent on my dissertation research is owned by UPenn and not by me.
When we started the secure boot work at Maryland, I had assurances from UPenn that we could release the code to the open source community. I've been working with the lawyers at UPenn for two years now to make that happen. A slow and painful process. I'm told that the paperwork to do that is now awaiting approval. I have not seen the final paperwork, nor even an initial draft, so I have no idea what it looks like. Once it is possible to release the secure boot code, we will.
The ADLO work (minus the security hooks) is a different matter completely. While it came out of the secure boot work, it is not encumbered by the UPenn patent and can be released.
Bill
On 17 Apr 2003, Eric W. Biederman wrote:
Adam Agnew agnew@cs.umd.edu writes:
> The one in question is 6,185,678 http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=...)
That was an interesting read. At least I now have an idea of what Bill was thinking of. Most interesting is that there is not a mechanism for the trust to go both ways. In particular, how is the loaded code to know it is running on a trusted system?
In addition, there are some fundamental things in his description that I would simply not implement as described. Nastily extending DHCP and TFTP when IPsec could be used. And in general I don't think any trust is needed at all of the network packets. Just the loaded image needs to carry a signature that can be verified.
And the description does not address when the system has exploitable bugs. In particular, systems like the X-box can be compromised with buffer overflows and other standard security holes, allowing an untrusted application to gain special privileges on the machine.
This is not to say that strong/trusted integrity checks of the components of the system are a bad idea, but rather to show that simply loading trusted components does not give a secure system. That requires only trusting bug-free software, which as an engineering assumption is impossible.
> And from my understanding, it's owned by the U of Penn and comes down to their decision when an open source implementation can be released.
The universities playing with "IP" and stifling innovation... Sigh.
Linuxbios mailing list Linuxbios@clustermatic.org http://www.clustermatic.org/mailman/listinfo/linuxbios