OLPC Has Kill-Switch Theft Deterrent 138
Sid writes "Ars Technica reports that the One Laptop Per Child (OLPC) XO has an anti-theft daemon in the OS that can be used to remotely disable machines, much like WGA. The Project added the kill switch at the behest of a few countries concerned about laptop theft. From the report, 'OLPC has responded to such concerns by developing an anti-theft daemon that the project claims cannot be disabled, even by a user with root access. Participating countries can then provide identifying information such as a serial number to a given country's OLPC program oversight entity, which can then disable the devices in certain scenarios.'"
How long before M$ copys this and cames it........ (Score:2, Informative)
That's not anything like WGA. (Score:2, Informative)
Re:Orwell lives - why steal cheap plentiful laptop (Score:3, Informative)
This isn't news... (Score:5, Informative)
Several people, myself included, specifically pointed this out during the last story on OLPC's BitFrost system. [slashdot.org].
And can we please remember that it's One Laptop Per Child, and not One Laptop Per Slashdot-reading Guerilla Geek? Any abuse regarding deactivation of the laptops is more likely to be carried out by confiscation of the laptop by school personal.
Also, the feature can be disabled with a Developer Key from OLPC:
- http://dev.laptop.org/git.do?p=security;a=blob;hbRe:That's too abusable (Score:4, Informative)
Now if the thief steals the developer key with the laptop, then the daemon is useless (unless they're too slow), and in the BitFrost document they acknowledge that theres is no way they can guarantee no laptops will be stolen, just try and discourage the thiefs.
RTF Spec (Score:4, Informative)
When this (old [slashdot.org]) news [wired.com] first came out, I posted this gloom and doom [slashdot.org] comment, but after reading the spec, I realized that the picture was more complicated than my comment, or the summary above, indicates.
FTF Spec [laptop.org]:
My earlier concerns were that this funcitonality was the same type of call-home spying and TPM kill-switch control that MSFT in its most evil moments would love to have over all of its users and that OLPC had totally screwed the pooch.
The spec makes it seem a bit more like a maximally secure default setting, whose override is difficult but still accessible. They are simply storing the lock (the laptop) and the key (the developer key) in different places. The keys won't be given out if the lock has been reported stolen, but if not, they are available to the machine's owner.
Something about this still worries me, though. The developer key makes this system radically different from something like the WGA's phone-home spyware "feature" in that it can be disabled by the machine's owner, but given that the default setting is so hard to override, is the effect really all that different? Is this going to screw over less techical users who make a mistake and somehow manage not to "renew their lease" frequently enough? Worst of all, if something goes wrong with the centrally-managed key distribution system, millions of kids will be left with fully locked down, unhackable, TPM machines that will brick in an instant if they wait too long to phone home to the server of a government that may be more interested in censoring them than empowering them.
I'd be curious to hear what Stallman has to say about this project, especially this aspect of the security system. I think everything else about this project would suit even his lofty standards to a tee, but I think OLPC is walking a fine line with this anti-theft system.
You overestimate the intelligence of thieves ... (Score:3, Informative)
It will deter few. I recall looking at computer equipment in a pawn shop. I was excited as I saw some IBM Model M keyboards. Upon inspection I found that the keyboards had not been unplugged, the cables had been cut. I expect many thieves will have difficulty telling OLPC systems from normal systems at the time of the robbery. I also expect that highly organized thieves will not shy away from stealing a large shipment of these laptops, and stripping the RAM and HD for salvage.
Also, "resale value" may be misleading. It is rarely sale to an end user, rather a middleman, as in pawned, laundered, fenced, etc.
Re:You overestimate the intelligence of thieves .. (Score:3, Informative)
The fact remains that when you take into account the costs of stripping the OLPCs for parts and selling the parts on the black market, you quickly exceed the possible resale value of the parts.
Re:IMO: Not possible (Score:3, Informative)
This SHOULD make it very hard to defeat the anti-theft daemon (it doesn't reside in dhcpd btw, also removing internet access for 21 days will brick the machine anyways).
Bitfrost is much more than just the kill switch and is actually quite interesting, and at least in theory sounds like it would be quite effective.
Re:Renting out stuff ... (Score:3, Informative)
I think you'll find that the XO machines prove to not be terribly attractive targets for theives because they are so target specific - I don't think many people other than kids (and shameless geeks such as hang out here) are going to be able to do much useful with them, and if it isn't going to be very useful, why steal it?
Re:You overestimate the intelligence of thieves .. (Score:3, Informative)