[U-Boot] U-book and GPLv3? (fwd)

Jean-Christian de Rivaz jc at eclis.ch
Thu Jun 25 21:10:11 CEST 2009


ksi at koi8.net a écrit :
>> Please point out precisely the regulations that require secure boot.
>> Should be
>> trivial as regulations are by definition public.
> 
> Do you happen to know what "Google" is?

Yes, thanks :-)

For example this document have the term "secure boot":
http://www.dcg.virginia.gov/supplier/sup-rules/standards.shtm
The wording is this one:
"D. Electronic Bingo
[...]
3.
[...] Security measures that may be employed to comply with these
provisions include, but are not limited to the use of dongles, digital
signature comparison hardware and software; secure boot loaders,
encryption, and key and callback password systems."

The term "secure boot" is listed as a possibility, not as a requirement.

Now I don't have the time to parse every possible document that Google
propose. This is why I politely ask a precise example, as I was under
the impression that some peoples know very well this subject.

> This is our Nevada regulations:
> 
> http://gaming.nv.gov/stats_regs.htm

I don't have the time to parse all the documents listed at this URL, but
I downloaded the one I suspect is the more relevant:
http://gaming.nv.gov/stats_regs/reg14_tech_stnds.pdf
And I cannot found "secure boot" into it.

>> I failed to understand how a secure booted machine can be updated by the
>> manufacturer to fix a bug for example, but not by a customer.
> 
> The manufacturer can _NOT_ update his machine at will. _EACH AND EVERY_
> change goes through the same approval process.

Still, technically the hardware have only two possibility:
1) it can be reprogrammed.
2) it can't be reprogrammed.

If 1), I dont' see how the a boot loader can't be replaced by a less
secure one and let boot anything.

if 2), there is not point as nobody can possibly make any update, so the
firmware don't have to be secured.

Regards,

Jean-Christian de Rivaz


More information about the U-Boot mailing list