AOH :: ISN-3093.HTM

Hackers invited to break the security on $100 laptops

Hackers invited to break the security on $100 laptops
Hackers invited to break the security on $100 laptops


http://www.tgdaily.com/2006/10/03/toorcon2006_olpc_securityrisks/ 

By Humphrey Cheung
October 3, 2006

San Diego (CA) - Cheap computers for the world's poor could mean big 
security headaches. The $100 One Laptop Per Child (OLPC) project is 
inviting hackers to break test out and even break the security on the 
upcoming computers. Speaking at the Toorcon computer security 
convention, OLPC representative Ivan Kristic said the OLPC will create 
the largest monoculture in history and the it will present some "very 
scary" security problems.

The low-pricedLinux-based computers will be sold to third-world 
countries and will have a 500 MHz AMD processor along with 128 MB of 
system memory and 512 MB of Flash storage memory. Standardized hardware 
along with a standard software image is one reason why the machines will 
be so cheap, but Kristic explains that this standardization will cause 
security issues.

If tens of millions of OLPCs are sold, the device could create one of 
the largest computer monocultures in history, similar to what has 
happened to the Apple Macintosh. One single exploit could easily wipe 
out millions of computers.

One huge security risk, according to Kristic, is that new computers will 
transparently transmit application code from one computer to another. 
The cheap laptops are meant to operate in a mesh wireless network and if 
one computer doesn't have an application, then it can acquire it 
wirelessly from another computer. Kristic calls this scenario "bloody 
scary".

The OLPC is also designed to be very hackable and Kristic told Toorcon 
attendees that there was, "a lot of value" from having kids take apart 
the machine. If something goes wrong, the computer is designed to be 
easily restored from a server, USB sticks or from the mesh network. But 
the same easily hackable and easily restorable machine has to be made 
secure and that's where hackers come into play.

Kristic said, "I want to help you break these machines... before there 
is a billion of them out in the field."


_________________________________
Donate online for the Ron Santo Walk to Cure Diabetes!
http://www.c4i.org/ethan.html

Site design & layout copyright © 1986- CodeGods