Developer key philosophy

From OLPC
Revision as of 05:17, 22 August 2008 by Sethwoodworth (talk | contribs)
Jump to navigation Jump to search


The XO contains hardware and software theft-deterrence features, which sometimes get in the way of a prospective hardware or software hacker. The first step in joining the developer community is to request a developer key to allow you to turn these off if needed. Depending on where you are in the world, getting your developer key may take up to two weeks (!) so putting in the request should be the absolute first thing you do. There are many things you can hack around with even without a developer key, but you might as well get the process started so it won't be an impediment when you need one.

(Since the developer key turns off the theft-deterrence features, a deployment needs to verify that your laptop has not been reported stolen before granting the key. Depending on the deployment and its communications infrastructure, this could take a while, and we try to set the "wait time" to an appropriate interval for each deployment. If you feel like the wait is excessive, please email help at laptop.org -- but try not to burden them unduly.)

Instructions for requesting and installing a developer key are at Activation and developer keys on our wiki.

When you've received your developer key, there are two ways you can use it:

  1. You can invoke 'disable-security' from the Open Firmware prompt to skip all key checking (until you invoke 'enable-security' again). This also turns off "pretty boot" allowing you to see all the start up messages when you boot.
  2. You can install your developer key in /security/develop.sig, where it can be managed with the Security control panel (<trac>6428</trac>).

Although the choice is up to you, we hope you'll chose the latter option, since that exercises the key-checking and "pretty boot" code. Although we hope these never break, bugs do happen, and having our developers regularly testing this code ensures that problems are quickly discovered and fixed. Better you finding the bugs than some poor 6-year-old in Peru!

The Security control panel (will) also let you easily enable/disable the 'unlocking' performed by the developer key, so you can test your code in "secured" mode if necessary. (You can do the same with 'enable-security' from the Open Firmware prompt, but there's less safety checking performed, so it's easier to inadvertently lock yourself out of your machine that way.)