MIT's One Laptop Per Child (OLPC) group is inviting a few of the world's best hackers to help secure the new platform prior to launch.
The non-profit group is planning to deliver up to 100 million laptops to children in developing countries in the first year. If their massive plan works, the initiative will create the single largest monoculture of computer systems in the world. But with such a homogeneous environment come security risks.
The group's director of security, Ivan Krstić, was recently interviewed by eWeek and admitted, "Security for these machines is hands down the hardest thing I've ever worked on."
"We want hackers to get in touch, look at the documentation, play with the machine, and try to break into it. We run the risk of getting parts of this wrong and that's not something we can afford."
The $100 laptop uses a custom BIOS and a Red Hat version of the Linux kernel, along with wireless mesh networking and an embedded version of the GNOME graphical environment. Members of the GNOME community recently spent two days hacking the embedded version of GNOME at the MIT Media Lab, according to a post by OLPC's president of software development, Walter Bender.
Potentially limited network connectivity in children's homes and at school means that software on these systems need to be secure out of the box. Members of the security community are being invited to step in and help out with MIT's groundbreaking project for children.
While most of the software on the $100 laptop will be open source, some Red Hat developers working on the OLPC project have been forced to sign non-disclosure agreements in order to gain access to the firmware details used in the wireless chipset on the machine - a move criticized by OpenBSD's Theo de Raadt, who argues that the wireless driver's source code should be make available to the community to best support the system. Many of the OLPC project's supporters cite the openness of the system as a key factor to its success.
MIT's One Laptop Per Child is the most ambitious project ever seen for providing low-cost computer technology to poor children around the world. The project has received support, funding and development work by some of the brightest minds in academia and from within the computer industry.
Source: Security Focus