Talk:Bitfrost
Unix permissions
The author describes some version of typical Unix permissions and security model behind it and then complains that with this model "we can't stop viruses and malware" and that "anyone can send a user an executable program, and for many years the users' instinctive reaction was to open the attachment and run the program." The reality is quite different really. I use Unix systems since 15+ years. My machines were never eaten by a virus and I never have run a program directly from an attachment. The only problem with e-mail viruses is that they add to spam but it is very easy to filter viruses anyway.
If you start your design of new security model with such false assumptions your results may be still right at the end - or may be not.
- I'm not the author, but I think the new security model is a pretty good idea. Sure, you or I may not have gotten viruses, but nearly every inexperienced computer user I know has gotten one. You are lucky that you know not to open attachments and that Unix is not a high target for virus writers -- because there are not many Unix machines, and most of their owners know better than to open attachments or run strange programs. But the OLPC changes this: it will bring online a huge population of inexperienced computer users. It will be a magnet for botnets and mischief-makers. It deserves a well-thought-out security system.
- The benefit of the Unix permission system is that a user can only screw up their own files, not the files of other users or the operating system itself. As beneficial as this is, it is hardly a consolation to the user who has just lost all their files because they ran a program a "friend" sent them. Your solution is to advise the user never to run programs from other people, but this approach simply does not work, as we have seen with Windows. And, besides, one of the goals of OLPC is to allow its users to make new programs and share them with each other.
- It sounds like the Bitfrost approach is to create a file system sandbox for each application so that it can't interfere with other applications. This seems entirely reasonable to me. After all, it's what Java, .NET, and Flash do to allow the user to run unsafe applets. Python, the main OLPC development system, doesn't have this kind of sandbox (yet), so it's a good thing if the underlying operating system can provide it. —Leejc 19:49, 7 February 2007 (EST)
One Brick per child?
"The sole purpose of these keys will be to verify the integrity of bundled software and content" - what is five years down the line, the child has got bored of Squeak etc and decides to install a different Linux distro, will the DRM brick the laptop?
Sexist Article
Author refers to user in the feminine sense (she). Why not use non-gender-specific terminology such as they and their? ~ Some user.
She is understood as s/he. 209.181.213.53 21:44, 7 February 2007 (EST)
Typo
I can't edit the page, but the "No permanent data loss" box has a typo: in the event that
Women in the 70s
"any code the user executed, she ipso facto trusted for all practical purposes."
Since when did women use computers in the 70s? ;)
Legitimizing "Big Brother" and DRM
We all know that DRM is the enemy of open source projects, and is in fact tagged with "Defective by design". Why are you taking away the kid's control over their laptop on SECURITY concerns. You should know by now, if hackers want to use it, they will. Remember windows genuine advantage? Hackers cracked it too. All it did was hurt the end user.
I implore you (laptop.org) not to make the same mistake that Microsoft did. As much as I am hyped about your creation, I cannot help but feel dread as this proposed "security" idea steals control from the child, who is learning about computers through interacting with it, and giving it to an arbitrary authority who may misuse their power at any time. - Teenage system admin for Los Gatos Highschool.