[OLPC Security] olpc security - wetware issues

Simson Garfinkel simsong at acm.org
Thu Feb 8 22:56:00 EST 2007


On Feb 8, 2007, at 7:03 PM, alien wrote:

>
> You raise a good point-- the first step would be to decide what would
> be important to log in this environment. Off the top of my head, you
> might want to track who has logged in and out, when programs were
> installed, when updates were applied, perhaps unusual uses of
> privilege, account creation/deletion or when/by whom shared files were
> accessed. What do you think?

I think that you don't quite understand what we are building or the  
target audience.

People do not log in or out of these laptops.

There is no account creation or deletion right now. Eventually there  
will probably be support for two people using the same laptop, but I  
haven't seen a spec so far. (Ivan?)

What do you mean, "unusual uses of privilege?"

Yes, it is useful to keep when the programs were installed, but this  
will probably be on a page that just shows the programs.

It seems to me that you keep thinking of this computer as "unix  
computer for the masses." That's not what's being built.


>
> Certainly at a minimum, I imagine reviewing who has logged into the
> system is a good start and a concept that any child should be able to
> understand.

What do you mean, "logged into the system?"

Put it this way: let's say we were talking about a cell phone, not a  
computer. How would you show the people who had logged into the cell  
phone?




More information about the Security mailing list