[OLPC Security] A mom's worries

Michael Stone michael at laptop.org
Wed Nov 28 17:46:19 EST 2007 

Sherri,

First, thank you very much for your frank comments.

> For the past year, OLPC developers have been brushing aside issues
> surrounding viruses, spyware and user/parent awareness of security by
> suggesting that the XO model and code are invulnerable. This is
> completely unrealistic.

As you say, it is completely unrealistic to claim that the first software
release we ship will be invulnerable to the threats you mention.
However, since there exists no software satisfying both our non-security
requirements and the 'invulnerability' property you mention, it's not
obvious to me that this is a fruitful standard to try to meet.

> To repeat that viewpoint to parents, as you just did, is like selling
> someone a car and saying it will never break down. I would venture to
> say that it is irresponsible and not a fair way to treat the people
> whose lives you will be affecting with this device.

A more precise claim is that my study of the Bitfrost specification,
available at
  
  http://dev.laptop.org/git?p=security;a=blob;f=bitfrost.txt

generated answers to the questions: "what are the threats, in what
environment can they be realized, and what can we do to mitigate them?"
that make me reasonably happy. Perhaps they are less satisfying for you.
In that case, we should work together with all the other interested
parties to amend the specification until it is satisfactory.

Bitfrost §9.7.2 might be a good place to start.

> Please take responsibility for providing user-level safety mechanisms
> with the tool you are creating. 

> ...[I am] a security professional specializing in Unix/Linux security

As someone who cares passionately about the security we will be
providing to children using the laptop and as "a security professional
specializing in Unix/Linux security", you seem like you might be
uniquely suited to help implement a security system that mitigates the
threats that you see to users of the laptop. 

> I would like to see a built-in, very easy-to-use interface where parents
> can browse logs of web site surfing, email use and IM conversations.
> Parents should have the ability to easily restrict their child's web
> surfing and conversations, especially for young children, and to block
> emails when they do not think the communication is appropriate.

Wonderful. First, you should briefly describe use cases, requirements,
and implementation thoughts on a wiki page or a version-controlled text
file. Then you should request that your feature be scheduled by opening
tickets to track its implementation in our bug tracker. Then you should
coordinate implementation of the feature with your fellow contributors
on #olpc-devel (irc.oftc.net) and #sugar (irc.freenode.org). 
 
Our wiki and bug tracker are located at

  http://wiki.laptop.org  and  http://dev.laptop.org

respectively. 

You should sign up for accounts, introduce yourself to other
contributors, and begin work. I (m_stone on irc) and many others will be
happy to help you familiarize yourself with the current system.

> This capability is available by default on many systems in the developed
> world. Parents and teachers in the developing world should also have
> access to the same types of tools. 

An alternate strategy would be for you to work with a vendor of such a
technology to port it to and distribute it for our platform. Many
companies have made substantial donations (even complete pieces of
software) to the project.

Michael

More information about the Security mailing list