What is ETD?

ETD promotes discussion on low-cost ICT initiatives for educational systems in developing countries. Read More

Join ETD

Become a part of the conversation. Contribute your ideas, strategies and expertise to our discussions. Join Now

OLPC Showed Childrens Computer Security is Possible


Computer malware is a big problem to society. When this is discussed in relation to children and the Internet (or politicians or parents), the advice has always been: updates, AV software, and firewalls for the computer and rules, restrictions, and filters for the children. With a special emphasis on installing more software and more updating. Illustrations of this attitude can be found in:

But, is user education working? Obviously, primary school children (and older) cannot be made responsible for installing and managing security updates, AV software, and firewalls. In this view, getting millions of children in developing countries on-line on laptops they have to use unsupervised at home seems to be nothing short of a crime against humanity. Yet, is it really impossible to create a computer environment that can not only be used safely by children, but also managed safely by children?

All these security advices are very sensible given the current ICT landscape. But, these advices can also be seen as blaming the victim by the commercial software industry. This has been doubly insulting as most security problems, eg, the mere existence of computer viruses, is the result of the (very) bad coding practices and short sighted design decisions of commercial software companies. As a result, the complete AV industry catering to end-users is widely mistrusted. Its very existence has been seen as a stopgap for irresponsible coding practices

So it was a pleasant surprise to see the OLPC security model, Bitfrost.

Bitfrost was a design that started with a “the user cannot do wrong” approach to security. It showed how you could actually build a user-friendly computer that gave children full control over their laptop and, at the same time, made the laptop as secure as any security professional’s private laptop could ever be. Here is a summary of the principles and goals of the Bitfrost design from the wikipage.

Bitfrost Principles:

  • Open design:The laptop’s security must not depend upon a secret design implemented in hardware or software
  • No lockdown: Though in their default settings, the laptop’s security systems may impose various prohibitions on the user’s actions, there must exist a way for these security systems to be disabled
  • No reading required: Security cannot depend upon the user’s ability to read a message from the computer and act in an informed and sensible manner
  • Unobtrusive security: Whenever possible, the security on the machines must be behind the scenes, making its presence known only through subtle visual or audio cues, and never getting in the user’s way

Bitfrost Goals

  • No user passwords: With users as young as 5 years old, the security of the laptop cannot depend on the user’s ability to remember a password.
  • No unencrypted authentication: Authentication of laptops or users will not depend upon identifiers that are sent unencrypted over the network
  • Out-of-the-box security: The laptop should be both usable and secure out-of-the-box, without the need to download security updates when at all possible
  • Limited institutional PKI: The laptop will be supplied with public keys from OLPC and the country or regional authority (e.g. the ministry or department of education), but these keys will not be used to validate the identity of laptop users
  • No permanent data loss: Information on the laptop will be replicated to some centralized storage place so that the student can recover it in the event that the laptop is lost, stolen or destroyed.

These are all rather common sense starting points for any security system. And anyone who has experienced the trials and tribulations of securing an off-the-shelve computer system will immediately ask why this is not implemented in all computer systems sold? This is not the placed to go down that road. Suffice it to say that the Bitfrost principles and goals are all feasible with todays technology.

The implementation details might seem rather arcane, but they follow logically from the above lists. The Bitfrost document is a good read for anyone who wants to get a feeling how computer security should be done. Below there are some other links for further reading on this subject.

Further Reading:

Ivan Krstić must be recommended for creating a design that includes most of the state-of-the-art security knowledge but is still feasible on a small device. The security models for Apple’s iPod and Google’s Android and Chrome OS follow a similar design (Ivan Krstić currently works for Apple), but Bitfrost is even less forgiving to security breaches.

I think that Bitfrost will be one of the lasting legacies of the OLPC. As evidence that you can design a computer platform from the ground up that is both secure out of the box, and can be used and managed with ease, even by a child. There is no excuse anymore not to produce usable and secure software stacks.

3 Responses to “OLPC Showed Childrens Computer Security is Possible”

  1. This is one question nearly everyone I met in India has asked me. What about security. My usual answer has been that at the school level, we surely can have the level of security any organization needs. However, it is the special attention that OLPC paid to this aspect that it can be had for free. This article further enlightened me on its security aspects and I am indeed grateful to the author.

  2. http://www.bhaskar.com/2010/05/02/education-to-all-is-a-big-challenge-929577.html
    My favorite picture of OLPC in a traditional village environment in India

  3. I was wondering if you ever considered changing the structure of your site? Its very well written; I love what youve got to say. But maybe you could a little more in the way of content so people could connect with it better. Youve got an awful lot of text for only having 1 or two pictures. Maybe you could space it out better?


Subscribe to ETD

Enter your email address:

Delivered by FeedBurner