From 6bc8463ed5b019bd63b8e652974f05389ab5b39f Mon Sep 17 00:00:00 2001 From: Francis Rowe Date: Mon, 12 Oct 2015 23:29:14 -0400 Subject: docs/hcl/c201.html: talk about the screw at the bottom of the page --- (limited to 'docs') diff --git a/docs/hcl/c201.html b/docs/hcl/c201.html index 5a163b2..995cee1 100644 --- a/docs/hcl/c201.html +++ b/docs/hcl/c201.html @@ -51,7 +51,6 @@
- - -
-

Flash chip write protection: the screw

-

- It's next to the flash chip. Unscrew it, and the flash chip is read-write. Screw it back in, and the flash chip is read-only. - It's called the screw. -

-

- The screw is accessible by removing other screws and gently prying off the upper shell, where the flash chip and the screw - are then directly accessible. User flashing from software is possible, without having to externally re-flash, but the flash chip - is SPI (SOIC-8 form factor) so you can also externally re-flash if you want to. In practise, you only need to externally re-flash - if you brick the laptop; read ../install/bbb_setup.html for an example of how to set up - an SPI programmer. -

-

- Write protection is useful, because it prevents the firmware from being re-flashed by any malicious software that - might become executed on your GNU/Linux system, as root. In other words, it can prevent a firmware-level evil maid attack. It's - possible to write protect on all current libreboot systems, but chromebooks make it easy. The screw is such a stupidly - simple idea, which all laptop designs should implement. -

-

Google is bad. We do not endorse them.

@@ -302,6 +280,27 @@
+

Flash chip write protection: the screw

+

+ It's next to the flash chip. Unscrew it, and the flash chip is read-write. Screw it back in, and the flash chip is read-only. + It's called the screw. +

+

+ The screw is accessible by removing other screws and gently prying off the upper shell, where the flash chip and the screw + are then directly accessible. User flashing from software is possible, without having to externally re-flash, but the flash chip + is SPI (SOIC-8 form factor) so you can also externally re-flash if you want to. In practise, you only need to externally re-flash + if you brick the laptop; read ../install/bbb_setup.html for an example of how to set up + an SPI programmer. +

+

+ Write protection is useful, because it prevents the firmware from being re-flashed by any malicious software that + might become executed on your GNU/Linux system, as root. In other words, it can prevent a firmware-level evil maid attack. It's + possible to write protect on all current libreboot systems, but chromebooks make it easy. The screw is such a stupidly + simple idea, which all laptop designs should implement. +

+
+ +

Copyright © 2015 Francis Rowe <info@gluglug.org.uk>
-- cgit v0.9.1