Security and the $100 Laptop 144
gondaba writes "The One Laptop Per Child project is actively recruiting hackers to help crack the security model of the $100 laptop to avoid the obvious risks associated with what will effectively be the largest computing monoculture in history. From the article: 'The key design goal, Krstic explained, is to avoid irreversible damage to the machines. The laptops will force applications to run in a "walled garden" that isolates files from certain sensitive locations like the kernel. "If we discover vulnerabilities, the security model must hold up enough that even a machine that is unpatched won't be easily exploitable. This gives us a bit of diversity to avoid the monoculture trap," he added.'"
Re:Why hack a machine that will have no data on it (Score:3, Insightful)
Re:Pull my cracker (Score:4, Insightful)
Hack the proprietary binary only WiFi firmware! (Score:2, Insightful)
closed components.
Re:Why hack a machine that will have no data on it (Score:4, Insightful)
Re:Why hack a machine that will have no data on it (Score:4, Insightful)
No data, but quite a processing network (Score:5, Insightful)
On the other hand, there are going to be a *lot* of these machines. So I suppose they might make a tempting target "just because" or simply for bulk processing.
Re:virtualize the applications (Score:2, Insightful)
Re:virtualize the applications (Score:5, Insightful)
As far as I'm concerned, running applications should already be separated from one another. This leaves interaction through the file system and IPC (inter-process communication).
Virtual machines take away the interaction through the filesystem, as well as local IPC. The latter doesn't actually necessarily make the system more secure, as it makes it more difficult to tell if IPC is safe (on the virtual network) or open to attacks (on the real network). At any rate, IPC will be less efficient, because you lose shared memory IPC.
By taking away common filesystem access and complicating IPC, applications become less usable. How do you get the file Alice sent you by email to your word processor? How do you copy-paste from one application to another? How do you do process management, when the process management tools are made for a single machine, but you have everything runnig under virtual machines?
Once you work around these restrictions, what will you be left with? Are you going to re-introduce common filesystem access and create a drag-and-drop interface that works accross virtual machines? When you've done so, won't you have a system that has pretty much the same capabilities as one that isn't based on loads of virtual machines, except that your system is much more complex? Won't that complexity introduce new bugs and vulnerabilities? Will the system not be too slow to be usable?
Re:Could actually be a problem (Score:3, Insightful)
If you mean competitors among OSes (ie Apple and Red Hat), then no, it's not.
But their competitors in other fields - antivirus (McAffee, Symantec, Norton), accounting (Quicken), PDF and presentation tools (Adobe) - greatly benefit from the limitations placed on Windows by antitrust settlements. Since Microsoft can't use their OS monopoly to further other monopolies, they have to compete on a much more level playing field with others to sell their software. So to those companies, MS's OS monopoly is actually a win-win: They have a dominant platform to build their own software towards, and they don't have to worry about competing with built-in software.
Re:virtualize the applications (Score:3, Insightful)
How are virtual machines going to help here? What protection do virtual machines grant that the operating itself doesn't grant?
Most operating systems, including most Linux systems do not have strict access controls on an application level. Using a VM is one way to use existing tools to add much of that functionality to an OS not designed for it. I actually think VMs are going to be used more for this purpose in the future, since it also mitigates some of the cross-platform issues.
The problem can also be tackled more elegantly using ACLs or MAC within the OS, such as FreeBSD jails, Solaris containers and the like and given the limited resources on these machines, this is almost certainly the way to go. The real problem is making this user friendly enough and providing the correct default settings to make this type of a system usable to the novice computer user. It is doable, but not something for a HCI novice to tackle. I've actually been hoping Apple would tackle this one in OS X and provide something reasonable for other OS's to copy, but I don't think it is likely anytime soon. The usability and HCI aspect of this feature is critical to its security, but I fear it will be ignored due to the biases of a large portion of the Linux development community.
Recruiting Hackers (Score:3, Insightful)
So let's see:
1) l33t h4xx04z finds a nifty security hole.
2) l33t h4xx04z determines that he could use this hole to create 100 million zombies.
3) Decision - a) report the hole so that it can be fixed OR b) start working on exploit to create 100 million marketable zombies
4) PROFIT.
Re:Step in the Wrong Direction? (Score:4, Insightful)
I don't mean to be a Johnny-Come-Lately, but isn't there other ways to improve a civilization/country/etc without computers?
Sure there are. But just because there are other ways does not make this method any less beneficial.
Why is that when Linux is mentioned, it's like being touched by the Hand of God (or Allah for that matter) ?
Most things we can give or subsidize the cost of for developing nations have negative consequences. Giving them food, destroys the local market and kills their agricultural sector. Giving them GM crops that grow faster and better makes them dependent upon the companies who own the patent on that crop and who can later demand fees for its use. Giving them cheap Windows based PCs, may help in the short term, but it makes them dependent upon IP from an abusive foreign monopoly in the long term.
Linux is a win-win situation because by nature it ships with all the blueprints and tools needed with the only strings being used to stop it from being exploited in ways that hurt the end user. It gives them access to technology and information and provides a secure foundation for them to build upon without undercutting any local development. Rather, it encourages local development.
Imagine if instead of shipping food to African nations at below the market value, we shipped them a complete chain of tools and machinery needed to build from the ground up the entire industrial foundation for agricultural equipment and fertilizers. Basically, we gave them the whole setup of factories and education and patents we have. Then they would not be dependent upon us and could grow their own food the same way we do.
To do that would be prohibitively expensive for agriculture, but for software development, Linux is that complete chain, with no strings attached. That is why it is so well regarded by those interested in helping developing nations.