EUIST


2 One Laptop per Child (OLP) – GovCert.NL symposium – empowerment for end-users working with their desktops

October 19th, 2007

We brought you:

1 empowerment for end-users

2 empowerment for end-users – conundrum

The Bitfrost approach is unique in that it adheres to four basic principles: Open Design, No Lockdown, No Required Reading and Unobtrusive Security.
The above Bitfrost principles are aimed towards five main goals: No User Passwords, No Unencrypted Authentication, Out-of-the-box Security, Limited Institutional PKI and No Permanent Data Loss.

Could it be that we are failing somewhere? Unfortunately, users have to make sensible and informed choices about things they may not understand very well. An example is when the firewall informs the user that port xyz wants to connect to the Internet… How is he or she supposed to respond: allow or disallow the request?

Why do we show these dialog boxes?

Is it because we are too scared legally, or because as technologists we want to make the decision for the user? But the user is overwhelmed, and adolescents have a tendency to make risky decisions, as this presentation given during the GovCERT.NL 2007 symposium shows:

2 govcert.nl 2007 conference – user empowerment and information security

Hence, awareness-raising programs can help improve information security, but only if they address the issue of risky choices among younger people.

But, as another presentation pointed out, and just as importantly, operating systems are too complicated, as we noted above. Bitfrost, the security platform used with OLPC, implements defense in depth. While the idea of limiting permissions program by program dates back as far as 1959, it has not been adopted widely because it puts the burden on application writers to deal with security.

Other Linux/Unix-based systems, including Apple’s Mac OS, run programs with authority limited to a local user. Unfortunately, the program can still delete user files, even if it cannot touch the underlying system files. There is no one magic system that will prevent all breaches or malware, but there is a series of technologies that make them less likely, mitigate the amount of harm when they do take place, and allow for disaster recovery when the worst happens.

We talked about this here:

1 One Laptop Per Child (OLP)
The One Laptop per Child or OLP computer is based on the following principles:

– prevent hardware damage by software

– provide recoverability and openness (learner’s machine)

– prevent permanent data loss

– protect the user’s privacy

– discourage the laptops being a platform for attacks

– keep the laptop under control of its owner

But this means that five goals have to be met:

– no user passwords

– out-of-the-box security

– open design

– no reading required (i.e. users may be illiterate, and even if they can read, five-year-olds do not understand the messages given by programs such as Windows)

– no lockdown

Find out more about this project regarding technical issues:

One Laptop Per Child (OLPC) – security with Bitfrost – explanation for geeks

CHALLENGES

A system like this makes cross-application work more difficult. Hence, the few cases where cross-application or cross-program communication must work could be enabled with a white list. It is doable, but a challenge.

The system compartmentalizes … and while Ivan Krstic agrees that this is not a bullet-proof approach, it can help improve security for most users.
