Skip to Content
Uncategorized

Security Model Released for the $100 Laptop

It’s new. It’s radical. Is it the future?

Here are some of the security constraints for the $100 laptop being designed by the One Laptop per Child (OLPC) project. The laptop must not be plagued by the viruses, worms, and Trojan horses that are common on Windows, yet the children who use the laptop must be able to download and run software at will. The computer must not allow students to fake e-mail and instant messages to one another, but students must not be required to use passwords. Shipments of laptops must not be a target of theft even though they are being sent to countries where official corruption is endemic and more than half of the economy is illegal.

Is this possible? I think so. For the past few months I’ve been collaborating with Ivan Krstić on a workable security model that incorporates some of the latest ideas and research findings from the HCI-SEC community. Krstić released the security model at the RSA Data Security Conference on Tuesday. Ryan Singel wrote a nice article about the model yesterday, and you can view the entire security document online.

One of the guiding principles of the security model is that programs running on the user’s computer should run with a restricted set of privileges–rather than with the privileges of the computer’s user. For example, there is no reason why your copy of Solitaire should be able to browse through your tax records and send interesting tidbits to organized criminals in Russia. Today’s generation of antivirus, antispyware programs work by having a list of all these bad programs and scanning for them. The OLPC approach is to simply deny your Solitare program from being able to access the network or browse your files. Why should it need those capabilities, anyway?

The so-called Bitfrost security model builds upon a lot of research ideas in virtual machines, declaratory installation bundles, and intentional computing. It gives users–many of whom will be children–the tools for the easy management of their own security.

I don’t know if it will work, but it’s the best thing going. And if Bitfrost does work, you can be sure that we’ll see these same ideas showing up in many desktop and handheld environments.

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

This baby with a head camera helped teach an AI how kids learn language

A neural network trained on the experiences of a single young child managed to learn one of the core components of language: how to match words to the objects they represent.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.