[atlas] Reasons to celebrate - passed 1K active probes :)

On 12/23/11 19:10 , Simon Josefsson wrote:
> One way to deal with that is to let the probes send in the hash value of
> its firmware or something similar, which can be used to detect problems
> like that.  And you could prepare "official" reports based only on the
> probes running "official" firmware.
You want untrusted firmware to send a hash value of itself? How do you 
know it is not lying?

> I really think this is orthogonal to releasing source code though.  If
> you haven't built in any security mechanism, people can already do what
> you appear to be afraid of today.
>
(From a technical point of view) releasing the source is not an issue. 
The probes come with key material that allows them to connect to the 
Atlas infrastructure. In theory you can get that out of the probe. But, 
you would violate the agreement as a probe host and it would be quite 
tricky to do. And, you can take over only one probe at a time which has 
to be in your physical possession.

If we would allow 'third party' probes to connect to the Atlas 
infrastructure then all of that changes. No need to physically obtain a 
probe. Just download the source, request a key. And start hacking away.