I feel slightly guilty, as I once offered this very solution for video card vendors who want to protect their secrets but interface with open source drivers - put the secrets in firmware. I only feel slightly guilty because I doubt my input had anything to do with this.
But I needed to be more specific. A hardware interface needs a very different design from a software API like GLES:
o It needs to provide security guarantees (bugs in the firmware can't be exploited to scribble on shared RAM).
o It needs to provide lower level functions - that would be cumbersome and error prine for applications, but can be combined in creative and flexible ways by drivers.
Just sticking a high level API in firmware is a security and maintenance nightmare.
Miles, one of the functions of a central server is authentication. How does your smart notebook recognize team members, and confine updates to that group? The article mentions email. Does it simply email changes to a list of group members? This won't scale to larger groups (maybe not a problem - since the human interaction doesn't scale to larger groups either).
Authored Comments
I feel slightly guilty, as I once offered this very solution for video card vendors who want to protect their secrets but interface with open source drivers - put the secrets in firmware. I only feel slightly guilty because I doubt my input had anything to do with this.
But I needed to be more specific. A hardware interface needs a very different design from a software API like GLES:
o It needs to provide security guarantees (bugs in the firmware can't be exploited to scribble on shared RAM).
o It needs to provide lower level functions - that would be cumbersome and error prine for applications, but can be combined in creative and flexible ways by drivers.
Just sticking a high level API in firmware is a security and maintenance nightmare.
Miles, one of the functions of a central server is authentication. How does your smart notebook recognize team members, and confine updates to that group? The article mentions email. Does it simply email changes to a list of group members? This won't scale to larger groups (maybe not a problem - since the human interaction doesn't scale to larger groups either).