On 01/10/2018, Youness Alaoui kakaroto@kakaroto.homelinux.net wrote:
[...] Youness and others at Purism: if you are reading this, please do spec a momentary switch to control flashing on future Librems. Your security-conscious users will thank you for it.
Yes, I already suggested it for the next iteration.
Great!
It wouldn't be a switch though, but rather a low profile 90-degrees jumper on the motherboard.
This seems to imply that each time a Librem user wants to internally flash the ROM, she would have to:
- power down the laptop(?); - implement ESD precautions; - remove the half a dozen or so tiny bottom case screws, without losing them, and without stripping their heads or threads or threaded inserts; - remove the bottom case; - move a tiny motherboard jumper to "write-enable", without losing it; - power up the laptop with the bottom case off(?); - run FlashROM (or equivalent); - power down the laptop again(?); - move the tiny motherboard jumper to "write-protect", without losing it; - push-fit the bottom case correctly; - insert the half a dozen or so tiny bottom case screws, without losing them, and without stripping their heads or threads or threaded inserts; - power the laptop back up(?).
Surely, having a momentary switch next to the existing kill switches would be *much* more user-friendly! With such a switch, such a user would just have to:
- hold the switch down while starting Flashrom (or equivalent); - release the switch and let the flashing process finish.
As for your question earlier about someone forgetting it. I would assume that it would be easy to have the Heads menu show a big warning to the user if it's left unprotected
Your assumption fails against a BadHeads attack.
Right now, if you boot into linux while ignoring tampering, you get your ttys in red, as a huge and very visible warning.
Only in the absence of BadHeads.
Also, yes Sam, you did understand me perfectly, thanks!
Great! :)
-
Sam Kuper