$100 Laptop May Be at Security Forefront

Oct 09, 2006
$100 laptop

(AP) -- The $100 laptops planned for children around the world might turn out to be as revolutionary for their security measures as for their low-cost economics.

The One Laptop Per Child project, a nonprofit begun at the Massachusetts Institute of Technology, aims to improve education by giving children bright-colored, hand-cranked, wireless-enabled portable computers. Governments are to buy the laptops - beginning in 2007 with up to 7 million machines in Thailand, Nigeria, Brazil and Argentina - and hand them to kids for them to own.

The machines have garnered the most attention - and some skepticism - for the design elements helping to keep their price low. Among other things, the computers will employ the free Linux operating system, flash memory instead of a hard drive and a microprocessor that is slow by today's standards but requires minimal power.

But programmers also have been taking advantage of the start-from-scratch nature of the project to design security protocols that they hope will greatly surpass those found in mass-market computers today.

The designers are still testing their approach with outside security experts - which is widely considered wiser than keeping such matters secret. But already they believe the security setup could make it unnecessary for the laptops to have anti-virus software.

Standard computer design generally lets most any program access any file stored anywhere on the machine. That is one reason why flaws in programs can be exploited by outsiders to steal or erase private information.

By contrast, the $100 laptops will force any application to run in "a walled garden" and limit the files it can access, said Ivan Krstic, a software architect at One Laptop Per Child focused on security.

Even if the security were to fail, Krstic believes a specialized encryption technology will prevent the BIOS - the software that runs a computer when it is initially turned on - from being overwritten. That means the PC could not be rendered unable to boot up.

"It's essentially unbelievably difficult to do anything to the machine that would cause permanent hardware failure," Krstic said.

Extensive security measures are necessary because so many of the machines are expected to be built, making them a large target for mischief.

One particularly thorny potential problem is that the laptops can communicate with one another in a "mesh" network, sharing data and programming code. A computing Web site reported this week that Krstic had described that setup to the ToorCon security conference as "very scary."

But he contended to The Associated Press that the comment was taken out of context.

"We have code-sharing in the machines, which is really scary if we were not paying attention to it," he said. "But we think we have solutions to all of these problems."

One of the principal organizers of ToorCon, George Spillman, said Krstic's presentation was "very well received" because the $100-laptop designers have thought a great deal about security but "they're not arrogant enough to believe they have everything locked down."

Spillman believes at least some of the measures Krstic described are likely to be successful, though he cautioned: "There's always going to be some kind of a hole somewhere."

Walter Bender, a co-founder of MIT's Media Lab who is overseeing software and content on the $100 laptops, said children should be able to tinker with the laptops and learn how they work. To that end, these security measures can be turned off by the PCs' owners.

To protect against that leading to disaster, the laptops will automatically back up their data up on a server whenever the machines get in wireless range of the children's school. If a child loses data, the files can be restored by bringing the laptop within wireless range of the server.

---

On the Net: laptop.org

By BRIAN BERGSTEIN, AP Technology Writer
© 2006 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Explore further: Facebook dressed down over 'real names' policy

add to favorites email to friend print save as pdf

Related Stories

Amanda Todd suspect linked to dozens of cases

1 hour ago

A prosecutor says a Dutch man suspected of possessing child pornography and blackmailing and harassing victims over the Internet with naked images of themselves may have victimized as many as 40 people in the Netherlands ...

Chinese tech giant Huawei on Europe recruitment drive

1 hour ago

Controversial Chinese technology giant Huawei—which has been condemned as a security risk in the US and Australia—is to recruit hundreds of research and development staff in Europe, the president of its French subsidiary ...

Cutting congestion on the data network highway

1 hour ago

Perhaps no other consumer-driven technology has made such incredible advances in such a relatively short space of time as the mobile phone. Today's smartphones are used to stream videos, access social media ...

Recommended for you

Facebook dressed down over 'real names' policy

32 minutes ago

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Apple iOS 8 software bug affects health apps

1 hour ago

A bug in Apple's new iOS 8 software for mobile devices is prompting the company to withhold apps that use a highly touted feature for keeping track of fitness and health data.

Yelp to pay US fine for child privacy violation

7 hours ago

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

User comments : 0