[OLPC Security] Public release: OLPC Bitfrost security platform

[xuan wu]

As I read the wiki page, the idea of a "fair" system as below occur to me.
1. Every program is considered as a user and has his own home.
2. Each of them has security permissions on resource on the file system and
also the hardwares.
3. They are aware of what each other has done to each other's territory,
including the user himself.

After browsing the spec, I find some similarities in the parts of software
installation and development, yet I'm not sure if I fully get your ideas.

Talking of the principle of "No reading required", with the structure above,
the programs can handle the intrusion themselves without informing the user,
while at the same time the user have the ability to know the intrusion so
that he can know what programs are "bad eggs".

By the way, the nowadays antivirus software actually feels more and more
like a administrator to me, as I don't know what the virus it finds out has
done to the system, and what the standard of "being virus", which makes me
feel really unsecure.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.laptop.org/pipermail/security/attachments/20070208/ec5d5a73/attachment.html