Slashdot Mirror

← Back to Stories (view on slashdot.org)

AU Government To Build "Unhackable" Netbooks

Posted by kdawson on from the smells-like-a-challenge dept.

bennyboy64 writes "In what may be one of the largest roll-outs yet of Microsoft's new Windows 7 Operating System, Australia's Federal Government decided to give 240,000 Lenovo IdeaPad S10e netbooks to Year 9-12 students. Officials are calling them 'unhackable.' iTnews reports that the laptops come armed with an enterprise version of the Windows 7 OS, Microsoft Office, the Adobe CS4 creative suite, Apple iTunes, and content geared specifically to students. New South Wales Department of Education CIO Stephen Wilson said that schools were 'the most hostile environment you can roll computers into.' While the netbooks are loaded with many hundreds of dollars worth of software, 2GB of RAM, and a 6-hour battery, the cost to the NSW Department of Education is under $435 (US) a unit. Wilson praised Windows' new OS: 'There was no way we could do any of this on XP,' he said. 'Windows 7 nailed it for us.' At the physical layer, each netbook is password-protected and embedded with tracking software that is embedded at the BIOS level of the machine. If a netbook were to be stolen or sold, the Department of Education is able to remotely disable the device over the network. Each netbook is also fitted with a passive RFID chip which will enable the netbooks to be identified 'even if they were dropped in a bathtub.' The Department of Education also uses the AppLocker functionality within Windows 7 to dictate which applications can be installed."

14 of 501 comments (clear)

  1. Too late by Anonymous Coward · · Score: 5, Interesting

    I just spoke to a friend in Australia.. its been pwned already using the nuke the bios and boot from a livecd method.

    They even disabled the RFID.

  2. Re:I long for the day... by Anonymous Coward · · Score: 1, Interesting

    I don't. A government with tech experience is not a nice thing.

  3. Re:I dont understand ... by Anonymous Coward · · Score: 1, Interesting

    AppLocker is what makes it unhackable.. Only scripts, batch files, executables, processes, services, device drivers, that are WHITE LISTED to run CAN RUN. That includes, excluding part of the OS that can run if desired. That means, if you plug a USB with an auto run in, it WONT auto run. That means if you click try to run a 'portable' non-allowed app, it wont run. Combined with the No execute data flag, it also means that executables cant leak out of a process and run. In addition, if they would of left Steady State/ Pc Safeguard / Guest Mode in the OS, then you wouldnt be able to write anywhere outside of your profile if so desired by the admin, and *ALL* changes to everything, OS, user files, directory structure, profiles, boot options, partition tables etc will be discarded on reboot, even administrators changes, unless the admin told the OS to persist their changes.

    Renaming executables doesnt work either, AppLocker blocks executables by Certificate, executable hashes, publisher, path, or name.

  4. Re:Sure... by Anonymous Coward · · Score: 2, Interesting

    CS4 on a 1.6Ghz Atom.. good luck with that indeed. Never mind the rest of the "unhackable" stupidity.

  5. There sure are a lot of stories on /. that... by Informative · · Score: 5, Interesting

    ... give the impression that Austalia's governors are stupid fucks.

  6. Re:Haha.. no by MrKaos · · Score: 2, Interesting

    There's lots of other silliness going on though, especially as it's my tax dollars going to waste.

    I wonder how many 10's of millions of dollars will be spent on licencing fees? The entire infrastructure could have been built upon Linux distributions and tailored to the education departments requirements. As it stands I wonder if they even looked at a Linux distribution.

    What waste of money.

    --
    My ism, it's full of beliefs.
  7. Re:Unhackable? I'll take that bet... by Ant+P. · · Score: 2, Interesting

    Perhaps they meant "hack" in the original sense, i.e. you can't do anything useful with them.

  8. So much for Open Source by DaMattster · · Score: 2, Interesting

    Stephen Wilson and New South Wales were supposed to be pro open source. I guess Microsoft and a bunch of others ridiculously discounted their software again to get them to bite. Stephen Wilson was reputed to be pro Linux. I guess the powers that be got to him. Too bad, so sad. Notice how these netbooks are eerily Orwellian in their surveillance. Also, no computer is unhackable - given a short length of time, we will see the Slashdot posting that these netbooks have been hacked. The only unhackable computer is the one not connected to any outside network.

  9. Re:So stupid by Johnny+Loves+Linux · · Score: 4, Interesting

    >What is it with governments and hubris? If they had just shipped all these laptops without any mention of "unhackableness", you know what would have happened?

    Here are some clues for why they announced such a thing. From the article: 'There was no way we could do any of this on XP,' he said. 'Windows 7 nailed it for us.' *and* the cost to the NSW Department of Education is under $435 (US)

    Care to make a wager as to whether or not a certain large corporation in the Pacific Northwest gave them an extra special deal on the hardware & software on the condition that they praise Windows 7 over XP? I mean, they're purchasing netbooks and running Windows 7 on them instead of the lighter weight XP? Anybody else see anything wrong with this picture?

  10. Unhackable == can't install whatever software you by Anonymous Coward · · Score: 1, Interesting

    Unhackable == can't install whatever software you want.

    The whole point is to have people stuck with Windoze and Office.

    It has nothing to do with protection from malware, just ensuring
    monopolistic revenues.

  11. Re:Someone is gonna open it. by cratermoon · · Score: 2, Interesting

    For computer security professionals, we might as well start with the proposition that it's already been hacked and start working on what the consequences will be.

  12. From a Students View by LifesABeach · · Score: 2, Interesting

    OK, let's ignore for now, the "Un-Hackable" nonsense. What if I want to learn Physics Modeling using LISP? Sign Language? I have to go buy it? But it's free software! Wait? I have to wait to have some faceless multinational corporation "grant" permission? My homework is due next Thursday, and my teacher says, "no excuses". How about my paper due on Shakespeare's Histories? Bing says, "do you mean Shake Spears? Sorry, no matches" I can get extra credit if I make, and submit a short video on the properties of a Candle Flame; YouTube uploads are now blocked? What Educator said, "It's OK to only learn a tiny subset of knowledge."

  13. Re:Sure... by tangent3 · · Score: 5, Interesting

    The main issue with the Atom is that it does not do Out of order execution.
    ARM processors do, so an equivalently speed ARM will easily out perform the Atom

  14. Re:Absolutely by lukas84 · · Score: 2, Interesting

    Yes, but it's easily possible to completely remove admin privileges form users, even if they have full control over the hardware.

    For example, if you have a TPM and use Bitlocker, you'll have to wait for the next Windows privilege escelation flaw in order to gain admin privileges, which isn't as trivial as booting ntpasswd and creating a new local admin account.

    (Also, there are attacks against Bitlocker in TPM-only mode which include reading the RAM of the machine - they're even more difficult to do, and wouldn't be something a 12 year old could pull of)

    But as someone higher up said - putting the "unhackable" adjective on this seems like a typical marketing/manager decision - while it is possible to get such a system up to a very rational level of security, where most of the kids using the machines won't be able to run any third party software on it, it's impossible to avoid that it will be possible to gain administrative privileges on one of these machines - sooner or later.