Inside the OLPC laptop's security spec

Many of you have probably followed the One Laptop Per Child (OLPC) project for some time now: the organization, founded by members of MIT's media lab, has designed the XO, an affordable, open-source laptop that promises to bring computer education to children in developing countries. What you may not have heard about is Bitfrost, the XO's security spec. "Let's face it, this project will have enemies," explained Ivan Krstić, one of the spec's architects. "We're shipping these machines to countries with political instability so we're assuming there are real attackers interested in hacking into killing these machines. We had to look at all the potential attack angles." So, how robust is the security on a $100 laptop? You might be surprised. Here are the goals of the spec:

• No user passwords
• No unencrypted authentication
• Out-of-the-box security
• Limited institutional PKI
• No permanent data loss

Those are some pretty lofty goals but if OLPC can accomplish those on a shoestring budget, that's certainly a sign that the rest of us probably can too. The lesson here is that you can always work to make your infrastructure more secure, no matter how small your IT budget.

For more on the XO's security:
- see this ZDnet blog post
- and check out the OLPC site