[IAEP] Sugar on a Stick - How might a Sugar USB experience work in practice?

Caroline Meeks caroline at solutiongrove.com
Wed Oct 1 09:37:32 EDT 2008


Hi Jonas and Alan,

I agree with your thoughts here.  Certainly the distribution we use should
not make it easy to see the host computer's hard-drive.

A harder problem is someone booting up with a different boot USB/CD.  Most
of the school computers I have met already allow boot by CD so that risk is
already there.  However, it would be good to think about how we can minimize
the risk to the network.

Thanks,
Caroline

On Wed, Oct 1, 2008 at 7:46 AM, Jonas Smedegaard <dr at jones.dk> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, Oct 01, 2008 at 11:19:10AM +0100, alan c wrote:
> >Caroline Meeks wrote:
> >> On Tue, Sep 30, 2008 at 10:48 AM, Walter Bender
> >> <walter.bender at gmail.com>wrote:
> >>
> >>>  David and I will be helping set up a Sugar classroom in a Boston
> >>> public school that trying to make use of some old Pentium IV desktop
> >>> machines;
>
> >> When schools, children's libraries, and after-school programs have
> >> computers and they can be changed to boot from the USB it's likely
> >> that the tech people will be willing to do so.
>
> >I have a passing thought - which others may already have considered
> >anyway.
> >
> >In principle, when booting from a device and running a linux based OS,
> >it is usually possible to obtain control of the host hardware somehow,
> >for example by use of a terminal. I trust that whatever (high?) skill
> >level the usb stick user has, it will not be technically possible to
> >damage the host system's data?
>
> I suspect that to be technically impossible to guarantee.
>
> E.g. how to ensure that the system booted from that stick is not a
> derivation with "evil" formatting tool added?
>
> But relevant any way to be aware of, to at least make _difficult_ to
> wreak havoc (or worse: be able to do damage even by accident).
>
>
>  - Jonas
>
> - --
> * Jonas Smedegaard - idealist og Internet-arkitekt
> * Tlf.: +45 40843136  Website: http://dr.jones.dk/
>
>  [x] quote me freely  [ ] ask before reusing  [ ] keep private
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEARECAAYFAkjjYywACgkQn7DbMsAkQLi3EACcC14wrLqevvNDEa71Zecbe2xO
> qwcAnidyrHguf8K3v++cTJo61zrOgQDc
> =0Eew
> -----END PGP SIGNATURE-----
> _______________________________________________
> IAEP -- It's An Education Project (not a laptop project!)
> IAEP at lists.sugarlabs.org
> http://lists.sugarlabs.org/listinfo/iaep
>



-- 
Caroline Meeks
Solution Grove
Caroline at SolutionGrove.com

617-500-3488 - Office
505-213-3268 - Fax
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sugarlabs.org/archive/iaep/attachments/20081001/419207c9/attachment.htm 


More information about the IAEP mailing list