Developer key philosophy

From OLPC
Revision as of 17:04, 6 October 2008 by Mchua (talk | contribs)

NOTE: The contents of this page are not set in stone, and are subject to change!

This page is a draft in active flux ...
Please leave suggestions on the talk page.

This page explains the reasons we have implemented developer keys. For information on what developer keys are, see the page on activation and developer keys for an overview, or developer keys for specific information on how to obtain and use that kind of key.

Motivation

Well-designed software and hardware, when properly made, should let you do the things you are supposed to do. Another part of good design is ensuring that people who are not supposed to be able to do things (for instance, stealing laptops, or maliciously installing software on a child's XO that is intended to break it) are unable to do them.

Instead of locking down what children can and cannot do with the software on their machines, we have chosen to allow them to do whatever they want within a safe environment - as long as they are running a stable build that OLPC has signed off on as having working security (and other vital features), they can do pretty much whatever they want.

Developers, however, don't always want a "safe environment." It's important for developers to be able to use and test software that might crash, as it's better to find a bug on a developer's machine than on the XOs of 10,000 schoolchildren. A developer key allows a developer to bypass security features on their machine so they can experiment with bleeding-edge software.

What isn't locked down

Even without a developer key, children can still do all these things (and more):

  • Browse the web freely, without locks or filters (unless their particular deployment, school, teacher, or parent implements them).
  • Download whatever learning materials they want.
  • Install whatever software Activities they want on their XO - our security system prevents Activities from interfering with each other and with a child's data, so even if an Activity were to be maliciously designed, it would not break anything else on the laptop.
  • Install signed, stable, OLPC-approved operating system and Sugar (UI) builds.

What is locked down

These are the things you cannot do without a developer key.

  • Install unstable, unsigned, experimental builds on your XO.
  • Work with the firmware.

Notes

Our current implementation is not ideal. Some things that you currently need a developer key to do (auto-installation of RPMs from a USB key, for example) are things that we would like to move into the list of features that a child or teacher could use without a developer key. However, until we can come up with a stable, secure way to implement these features on a child's XO, only developers experimenting with new builds and software can do these things.