OLPC Has Kill-Switch Theft Deterrent

Sid writes "Ars Technica reports that the One Laptop Per Child (OLPC) XO has an anti-theft daemon in the OS that can be used to remotely disable machines, much like WGA. The Project added the kill switch at the behest of a few countries concerned about laptop theft. From the report, 'OLPC has responded to such concerns by developing an anti-theft daemon that the project claims cannot be disabled, even by a user with root access. Participating countries can then provide identifying information such as a serial number to a given country's OLPC program oversight entity, which can then disable the devices in certain scenarios.'"

Re:How long before M$ copys this and cames it.....

[silentounce]

Psshaww... Sony's laptops have much more effective kill switches than this.

Massive Backend Infrastructure and Processes

[blantonl]

So, does this mean that the OLPC project is going to need a back-end infrastructure to support this Daemon? With the amounts of laptops considered in this project, that means that a pretty large back-end infrastructure is going to be needed to support this process.

In addition, there's going to need to be a tremendous amount of "process defintion" for something of this scale. What constitutes a "stolen" laptop in this case? How is it reported? To Whom? Who is ultimately responsible?

Sounds like a massive undertaking and far from clearly defined, other than a "Daemon is available."

Re:Potential Abuse Issues

[chanrobi]

If the government already controls all the internet this entire "abuse potential" scenario is moot.

If an invading nation wants an information blackout, shut everyone's laptop out.

Yeah since information only flows through laptops... right? How the hell is this modded insightful.

Renting out stuff ...

[Gopal.V]

As an Indian from a relatively unconnected neck of woods, I love the OLPC project and what it might do to the future students of this world - and I've even played around with an OLPC for thirty minutes. But this particular feature annoys me a bit. I quote from the article.

the system allows countries to optionally establish a "license" period for the laptops, such as 21 days.
When laptops are connected to the Internet, they will synchronize with an NTP server to obtain the correct
time and date, and then obtain a license which must be renewed in the time specified. Laptops which are not
renewed within the timeframe will lock.

As I mentioned before, the whole concept of an unconnected laptop or one with minimal internet access (i.e wireless mesh) goes for a toss with this feature. The worst of the activation features which windows has, negating the real advantage of having a laptop you could take literally anywhere. Locking out someone just because they couldn't hook their PC into the network for twenty days is no way to make OLPC work. The real way to keep them off the black market is to reward those who keep their machines intact - just like the way to get kids to come to school has been a free lunch programme (and I sit in an Indian state with 99% literacy rates).

Or if you're really interested in reducing the utility of the machines, send an access code to the school master every month - for the laptops to get on the internet. You need to go pick up the coupon to get back on the internet and just kick the ones which are reported missing in audits - rather than go in for an active licensing scheme as mentioned in the document.

But in general, technical solutions for social (as well as economic) problems hardly work out, by themselves.

OLPC becoming Big Brother?

[PetiePooo]

I have to say, I don't like the decidedly big-brother tilt the OLPC project has been taking lately. With all the news that has come out lately on OLPC, the whole "users will be able to read/understand/modify its source code" stance seems to have gone away.

If I can read and compile the O/S, who's to say I can't just remove the kill daemon from my build and then install it? In order to be robust, they'll have to lock down the installed software and make it impossible for the user to change. No community development; no share-and-share-alike; no software libre, counter to the whole "open source" philosophy they tout as the project's base.

This isn't a hacker's dream toy; its a business proposition to sell expensive supporting infrastructure and services along with a loss-leading locked-down client device disguised as charity in the name of educating the poor.

This isn't news...

[SocialWorm]

Several people, myself included, specifically pointed this out during the last story on OLPC's BitFrost system..

And can we please remember that it's One Laptop Per Child, and not One Laptop Per Slashdot-reading Guerilla Geek? Any abuse regarding deactivation of the laptops is more likely to be carried out by confiscation of the laptop by school personal.

Also, the feature can be disabled with a Developer Key from OLPC:

1018 The anti-theft system cannot be bypassed as long as P_SF_CORE is enabled (and
1019 disabling it requires a developer key). This, in effect, means that a child is
1020 free to do any modification to her machine's userspace (by disabling P_SF_RUN
1021 without a developer key), but cannot change the running kernel without
1022 requesting the key. The key-issuing process incorporates a 14-day delay to
1023 allow for a slow theft report to percolate up through the system, and is only
1024 issued if the machine is not reported stolen at the end of that period of time.

- http://dev.laptop.org/git.do?p=security;a=blob;hb= HEAD;f=bitfrost.txt