[OLPC Security] A mom's worries

Adric Net adric at adric.net
Thu Nov 29 07:58:42 EST 2007


Hi,

I understand your point (about root security), but please review the  
BitFrost documentation for a detailed explanation of the unique and  
specific guidelines the system is being developed under.  eg: http://wiki.laptop.org/go/BitFrost

For one, passwords are considered an advanced feature, to be offered  
to users (children, remember) who have advanced far enough in the  
computer skills to understand that utility and weakness. Leaving the  
system accessible to the children so they can learn is a high priority  
for the OLPC system.

For another, at any stage farther down the distribution tree, a  
government, a classroom, or perhaps even a parent could easily  
institute such a measure as you describe, or as numerous voices have  
requested, other software. This does not need to be done at the  
distribution level, and in fact your specific request (set a root  
password) would probably hamper the sponsoring governments ability to  
use the machines. It's a non-starter for this project.

Bitfrost is a pretty darn nifty and quite ambitious plan to use all of  
the tools available to ensure the functional and educational goals of  
the platform.  Once you've read over the draft spec, I'm sure the team  
will appreciate your input, particular if you can help them code part  
of it :) Malware defense is a big problem and _is_ an important part  
of the security plan (eg Rainbow, whitelisted capabilities), but there  
are other considerations.

Thanks,
Adric Net

On Nov 29, 2007, at 7:32 AM, Gmail Team wrote:

>   isolation (Multics, the various *nix {BSD, Linux, etc, etc], VMS,  
> and
> a signficant flotilla of others over
>   the last 40 years) have fewer "downstream consequences" to software
> suffering "unintended consequences".
>   The problem has been that, until fairly recently, user-friendly
> desktop software like Windows has been designed
>   with *very poor* user-to-user isolation, because the original design
> of the operating system was single-user.
>
> The root in the XO doesn't have a password, how can talk about,  
> permissions, and all that stuff, it the root, the admin of the whole  
> system doesn't has his own passwd ?. Any malware, can affect the  
> system simply doing 'su´.
> With just a pwgen ( $ man pwgen ) for the root, you will forget  
> about malwares.. but, with out pass, it will be like windows :'(
>
> Kindly Regards
> _______________________________________________
> Security mailing list
> Security at lists.laptop.org
> http://lists.laptop.org/listinfo/security

Adric Net
adric at adric.net





More information about the Security mailing list