Talk:Bitfrost

From OLPC
Revision as of 20:49, 7 February 2007 by Leejc (talk | contribs)

Unix permissions

The author describes some version of typical Unix permissions and the security model behind it and then complains that with this model "we can't stop viruses and malware" and that "anyone can send a user an executable program, and for many years the users' instinctive reaction was to open the attachment and run the program." The reality is quite different. I have been using Unix systems for 15+ years. My machines have never been eaten by a virus and I have never run a program directly from an attachment. The only problem with e-mail viruses is that they add to spam, but it is very easy to filter viruses anyway.

If you start your design of a new security model with such false assumptions, your results may still be right at the end - or may not.

I'm not the author, but I think the new security model is a pretty good idea. Sure, you or I may not have gotten viruses, but nearly every inexperienced computer user I know has gotten one. You are lucky that you know not to open attachments and that Unix is not a high target for virus writers -- because there are not many Unix machines, and most of their owners know better than to open attachments or run strange programs. But the OLPC changes this: it will bring online a huge population of inexperienced computer users. It will be a magnet for botnets and mischief-makers. It deserves a well-thought-out security system.
The benefit of the Unix permission system is that a user can only screw up their own files, not the files of other users or the operating system itself. As beneficial as this is, it is hardly a consolation to the user who has just lost all their files because they ran a program a "friend" sent them. Your solution is to advise the user never to run programs from other people, but this approach simply does not work, as we have seen with Windows. And, besides, one of the goals of OLPC is to allow its users to make new programs and share them with each other.
It sounds like the Bitfrost approach is to create a file system sandbox for each application so that it can't interfere with other applications. This seems entirely reasonable to me. After all, it's what Java, .NET, and Flash do to allow the user to run unsafe applets. Python, the main OLPC development system, doesn't have this kind of sandbox (yet), so it's a good thing if the underlying operating system can provide it. —Leejc 19:49, 7 February 2007 (EST)
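As an added illustration of the per-application file system sandbox discussed in the comment above (this is example code written for this talk page, not Bitfrost's or OLPC's implementation, and the class name AppSandbox, the helper demo(), and the two application names "chat" and "paint" are all made up for the demonstration): each application gets its own directory, every path it names is resolved relative to that directory, and anything that escapes it, whether through an absolute path, a ".." component, or a symlink planted inside the sandbox, is refused.

```python
import os
import tempfile


class SandboxViolation(Exception):
    """Raised when an application tries to touch a path outside its own area."""


class AppSandbox:
    """A per-application file system area (illustrative, not Bitfrost's code).

    Every path an application names is interpreted relative to its own root;
    anything that resolves (after following symlinks and '..') to a location
    outside that root is refused.
    """

    def __init__(self, app_name, base_dir):
        self.app_name = app_name
        self.root = os.path.realpath(os.path.join(base_dir, app_name))
        os.makedirs(self.root, exist_ok=True)

    def resolve(self, relpath):
        # os.path.join discards self.root when relpath is absolute, and
        # realpath collapses '..' and follows symlinks, so one prefix check
        # after resolution covers all three escape routes.
        candidate = os.path.realpath(os.path.join(self.root, relpath))
        if candidate != self.root and not candidate.startswith(self.root + os.sep):
            raise SandboxViolation(
                "%s may not access %r (resolves to %s)"
                % (self.app_name, relpath, candidate)
            )
        return candidate

    def write_text(self, relpath, text):
        with open(self.resolve(relpath), "w") as fh:
            fh.write(text)

    def read_text(self, relpath):
        with open(self.resolve(relpath)) as fh:
            return fh.read()


def demo():
    """Run two sandboxed applications against constructed data; returns outcomes."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        chat = AppSandbox("chat", base)    # hypothetical application
        paint = AppSandbox("paint", base)  # hypothetical application

        # An application can freely use its own area.
        chat.write_text("inbox.txt", "hello from a friend")
        results["own_file"] = chat.read_text("inbox.txt")

        # Three ways "paint" might try to reach "chat"'s data.
        os.symlink(chat.root, os.path.join(paint.root, "link"))
        attempts = {
            "traversal": "../chat/inbox.txt",
            "absolute": os.path.join(base, "chat", "inbox.txt"),
            "symlink": "link/inbox.txt",
        }
        for label, path in attempts.items():
            try:
                paint.read_text(path)
                results[label] = "allowed"
            except SandboxViolation:
                results[label] = "refused"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The check is done in user space, so it only constrains code that goes through AppSandbox; a program with direct access to open() is not confined, and there is a window between resolve() and open() in which a symlink could be swapped. A real per-application sandbox of the kind the comment describes needs the operating system to enforce the boundary (chroot, namespaces, or a mandatory access control policy), which is exactly the point made above about Python lacking such a sandbox on its own.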

One Brick per child?

"The sole purpose of these keys will be to verify the integrity of bundled software and content" - what if, five years down the line, the child has got bored of Squeak etc. and decides to install a different Linux distro? Will the DRM brick the laptop?

Sexist Article

Author refers to user in the feminine sense (she). Why not use non-gender-specific terminology such as they and their?