[Freedombox-discuss] [ask] booting and configuring
On Tue, Mar 15, 2011 at 12:35:06AM -0700, Thomas Lord wrote:
>Jonas:
>
>> I want activation to be possible even in a somewhat hostile
>> environment.
>>
>
>This is a really great answer and so thanks, Jonas .... but...
[arguments for and emphasis on cutting time short snipped]
>So I don't care for that short a time frame about
>booting in the most hostile environments because I'm
>pretty sure I can't ship any of the hardware to
>such environments nevermind support the software there
>just yet.
I totally agree with not aiming for military grade robustness - that's
why I did not myself write "most hostile" but "somewhat hostile".
If you want to launch 500 boxes, it is large enough to be likely to
reach someone trying to see if it is easy to do a "man-in-the-middle
attack during the personalization design process. Perhaps even so easy
that a news reporter might find it exciting to write a story about.
Bad, really bad.
>what's the "faster cheaper better" solution we can roll out in 11
>months?
The solution containing fewer features. Not the one with sloppy
personalization handling.
That latter one is called an early beta, not a production release! And
even then remember how Diaspora got beaten with their _ALPHA_ release
which contained insecure design!
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110315/dc167dca/attachment-0001.pgp>
Reply to: