Talk:Bitfrost
Unix permissions
The author describes some version of typical Unix permissions and security model behind it and then complains that with this model "we can't stop viruses and malware" and that "anyone can send a user an executable program, and for many years the users' instinctive reaction was to open the attachment and run the program." The reality is quite different really. I use Unix systems since 15+ years. My machines were never eaten by a virus and I never have run a program directly from an attachment. The only problem with e-mail viruses is that they add to spam but it is very easy to filter viruses anyway.
If you start your design of new security model with such false assumptions your results may be still right at the end - or may be not.
- I'm not the author, but I think the new security model is a pretty good idea. Sure, you or I may not have gotten viruses, but nearly every inexperienced computer user I know has gotten one. You are lucky that you know not to open attachments and that Unix is not a high target for virus writers -- because there are not many Unix machines, and most of their owners know better than to open attachments or run strange programs. But the OLPC changes this: it will bring online a huge population of inexperienced computer users. It will be a magnet for botnets and mischief-makers. It deserves a well-thought-out security system.
- The benefit of the Unix permission system is that a user can only screw up their own files, not the files of other users or the operating system itself. As beneficial as this is, it is hardly a consolation to the user who has just lost all their files because they ran a program a "friend" sent them. Your solution is to advise the user never to run programs from other people, but this approach simply does not work, as we have seen with Windows. And, besides, one of the goals of OLPC is to allow its users to make new programs and share them with each other.
- It sounds like the Bitfrost approach is to create a file system sandbox for each application so that it can't interfere with other applications. This seems entirely reasonable to me. After all, it's what Java, .NET, and Flash do to allow the user to run unsafe applets. Python, the main OLPC development system, doesn't have this kind of sandbox (yet), so it's a good thing if the underlying operating system can provide it. —Leejc 19:49, 7 February 2007 (EST)
One Brick per child?
"The sole purpose of these keys will be to verify the integrity of bundled software and content" - what is five years down the line, the child has got bored of Squeak etc and decides to install a different Linux distro, will the DRM brick the laptop?
Sexist Article
Author refers to user in the feminine sense (she). Why not use non-gender-specific terminology such as they and their? ~ Some user.
She is understood as s/he. 209.181.213.53 21:44, 7 February 2007 (EST)
- A good way to use non-sexist language is simply to use the phrase he or she. Using he is traditional and is unfair to women, using she reads awkwardly. The German language has different words for male teacher and female teacher and so on and uses the equivalent of teachermale or teacherfemale in sentences. Reading he or she seems natural, balanced and factual. So maybe each use of she could be changed to be he or she please?
- This does go rather deeper than just this particular article. As this article is an official OLPC managed page one may perhaps wonder how OLPC documentation for the children will be worded. The use of the word they as a way of referring to one person so as not to indicate gender is an unfortunate trend in English these days. It is not, however, as bad as another trend, namely using the word you to mean someone or using the word you to mean some particular organization whose responsibilities are being discussed. This produces sentences which upon analysis sound ridiculous, yet such usage happens very often in television news interviews nowadays.
Typo
I can't edit the page, but the "No permanent data loss" box has a typo: in the event that
Women in the 70s
"any code the user executed, she ipso facto trusted for all practical purposes."
Since when did women use computers in the 70s? ;)
Legitimizing "Big Brother" and DRM
We all know that DRM is the enemy of open source projects, and is in fact tagged with "Defective by design". Why are you taking away the kid's control over their laptop on SECURITY concerns. You should know by now, if hackers want to use it, they will. Remember windows genuine advantage? Hackers cracked it too. All it did was hurt the end user.
I implore you (laptop.org) not to make the same mistake that Microsoft did. As much as I am hyped about your creation, I cannot help but feel dread as this proposed "security" idea steals control from the child, who is learning about computers through interacting with it, and giving it to an arbitrary authority who may misuse their power at any time. - Teenage system admin for Los Gatos Highschool (aka small penis high).
" Information on the laptop will be replicated to some centralized storage" OLPC is targeted at not so rich kids, do they all have internet access or are authors going to give blank cd/dvd and some stamps to send all those data from laptop to "some centralized storage"?