?

Log in

No account? Create an account
entries friends calendar profile adric.net Previous Previous Next Next
Re: [OLPC Security] A mom's worries - nil.enroll(aetheric_username, quantum_class_id)
yljatlhQo'! QIch lo'laltbebej!
adric
adric
Re: [OLPC Security] A mom's worries
Hi,

I understand your point (about root security), but please review the BitFrost documentation for a detailed explanation of the unique and specific guidelines the system is being developed under. eg: http://wiki.laptop.org/go/BitFrost

For one, passwords are considered an advanced feature, to be offered to users (children, remember) who have advanced far enough in the computer skills to understand that utility and weakness. Leaving the system accessible to the children so they can learn is a high priority for the OLPC system.

For another, at any stage farther down the distribution tree, a government, a classroom, or perhaps even a parent could easily institute such a measure as you describe, or as numerous voices have requested, other software. This does not need to be done at the distribution level, and in fact your specific request (set a root password) would probably hamper the sponsoring governments ability to use the machines. It's a non-starter for this project.

Bitfrost is a pretty darn nifty and quite ambitious plan to use all of the tools available to ensure the functional and educational goals of the platform. Once you've read over the draft spec, I'm sure the team will appreciate your input, particular if you can help them code part of it :) Malware defense is a big problem and _is_ an important part of the security plan (eg Rainbow, whitelisted capabilities), but there are other considerations.

Thanks,
Adric Net

On Nov 29, 2007, at 7:32 AM, Gmail Team wrote:

isolation (Multics, the various *nix {BSD, Linux, etc, etc], VMS, and
a signficant flotilla of others over
the last 40 years) have fewer "downstream consequences" to software
suffering "unintended consequences".
The problem has been that, until fairly recently, user-friendly
desktop software like Windows has been designed
with *very poor* user-to-user isolation, because the original design
of the operating system was single-user.

The root in the XO doesn't have a password, how can talk about, permissions, and all that stuff, it the root, the admin of the whole system doesn't has his own passwd ?. Any malware, can affect the system simply doing 'su´.
With just a pwgen ( $ man pwgen ) for the root, you will forget about malwares.. but, with out pass, it will be like windows :'(

Kindly Regards

OLPC Security List is hardly ever on topic, it seems. Also, if this is the calibre of the Gmail Team ... *cough*, maybe I should apply :P Hint: Read documentation and FAQs, as well as skim previous posts before posting to list. cf ESR's How to Ask Questions

Current Location: bedroom (now with light)
Current Music: NPR - Morning Edition

Leave a comment