On Tue, 8 Apr 2008, Benjamin M. Schwartz wrote: > A paper called "Freezing More Than Bits: Chilling Effects of the OLPC XO > Security Model" will be presented next Monday at USENIX UPSEC'08 [1]. The > author has kindly posted the paper at [2], which I discovered after Google > took me to her weblog [3]. . . . > [1] : http://www.usenix.org/events/upsec08/tech/tech.html > [2] : http://www.cosic.esat.kuleuven.be/publications/article-1042.pdf > [3] : http://maradydd.livejournal.com/374276.html . . .
I am not very familiar with the details of Bitfrost's spec, but--IMO, FWIW--some comments about the paper as a paper. If this isn't appropriate or isn't helpful, please tell me to keep quiet. There are more exclamation points than one might want to see in a USENIX paper. There are some phrasings which seem a little like emotional overemphasis. Eg section 2.1's actual "too young to read", versus something like "unable to read" which would direct attention to users' real life situations and the limitations which OLPC is trying to help lessen. Eg section 2.2's actual "poor management practices", versus something like "low budget". Eg that same section's lack of recognition for the current-best-effort status of Bitfrost and of deployments, as well as for OLPC's explicit consideration of the problem of how to upgrade deployed units. Wouldn't one usual response to supposedly flawed open-source work be to ask how to help, rather than suggest it is not "Open"? There is no expressed awareness of the usual contest between delaying for a "final" specification versus accomplishing a needed task *now*. (Who's the LISP guy who wrote the paper something like "Perfect is the Enemy of Good Enough"?) The paper says Bitfrost's threat model is "inappropriate", but offers no explicit alternative. The paper seems to give much of its attention to concerns about protecting users' presumed tendency to use their laptops to criticize, especially to criticize social elements which are powerful enough to access user keys and restrict laptop use. The paper has little discussion of the OLPC use model, including considering education (and security policy appropriate for that) versus wider social uses (and security policy appropriate for them). (By "education" here I am not excluding non-institutional life experiences.) Compare section 3.2's actual "Subjecting children to constant surveillance", versus something like "Not perfectly prohibiting surveillance". The paper's consideration of Piaget was interesting, and the mention of Acquisti & Gross useful. I suggest that Erikson may have been more culturally bound to his own time and place. In any case, there is no consideration of the relative significance of the XO experience versus the significance of a child's other experiences. Who raises the children, who "has the last say"? Their parents and local others, or computer people in the distant, developed, industrialized world? I'm certainly in agreement with the aim of maximizing OLPC security, but do feel the paper could have been more effective. HTH. Cheers. _______________________________________________ Security mailing list [email protected] http://lists.laptop.org/listinfo/security
