Talk:Security

From OLPC
Revision as of 13:20, 2 June 2006 by Simosx (talk | contribs)
Jump to navigation Jump to search

IMHO, the endusers should have to spend zero time worrying about security. The laptops have to be as trustworthy as a book.

--BobBagwill 09:20, 13 April 2006 (EDT)

Just as you have to keep a book in your physical possession to guarantee it does not get written on, soiled, or destroyed, physical possession of the laptop will always allow malicious individuals to defeat its security. So trustworthy as a book and secure as a book are excellent goal statements but they do not equate to zero time worrying about security.

--The Guy who used Negroponte's Q&A session to push Domestic Adoption

I disagree. If the OS is digitally signed, you can guarantee it hasn't been tampered with. If the laptop will only download/store/boot/execute signed images, updates will be trustworthy too. That leaves user data. Assuming the only authentication will be a password or challenge/response, the laptop will be vulnerable to shoulder-surfing. If the laptops backed up to a central server, you could always restore to a previous state.

--BobBagwill

The more networked a computer gets, the more chances exist that a remote exploit will appear. Please make a list on the Wiki of any network-accessible services the OLPC will have, as they need to be scrutinised.

--SimosX