digg

Join DiggAbout

Introducing Digg Dialogg!
Check out the first Digg Dialogg with Nancy Pelosi. More guests to be announced soon!

OLPC has anti-piracy measures (Kill switch) which makes WGA look friendly

arstechnica.com — OLPC has built a remote kill-switch into XO laptops so they can be remotely deactivated in the event that they are used without authorization. OLPC has responded to such concerns by developing an anti-theft daemon that the project claims cannot be disabled, even by a user with root access.

Bury
show profanity settings
expand all
  • GawtMilk, on 10/12/2007, -29/+8What's unfriendly about WGA? I've had to download one file in the six years I've used XP, that's it.
    • BinaryFragger, on 10/12/2007, -27/+13It's only unfriendly if your copy of XP is of questionable legality.
    • fiorenza, on 10/12/2007, -3/+19Submitter didn't read the story, because it's not about piracy, and WGA is only mentioned at the end.
    • Aeiri, on 10/12/2007, -7/+18@BinaryFragger

      What? I have a legit copy of Windows, my neighbor has a legit copy, and my parents have a legit copy.

      WGA fails on my computer and my neighbor's computers, while it passes on my parents'.

      It's annoying because I can't test my site and my projects with IE7, since my computer fails WGA.
    • cJw314, on 10/12/2007, -11/+7IE7 = ass.
    • wesamel, on 10/12/2007, -6/+16The submitter is a dumbass Microsoft fanboy. Just look through his submissions, half of them trumpet the "greatness" of Microsoft and Vista or bash Apple, Steve Jobs, and Mac OS X. I guess he's going after Linux now too.
    • minigamer1896, on 10/12/2007, -1/+8@Aeiri: There are legally questionable ways to edit the registry so as to fake a "genuine" key.
    • tempusrob, on 10/12/2007, -2/+18@GwartMilk: "I've had to download one file in the six years I've used XP, that's it."

      So uh ... hey, what's your IP address?
    • dt40, on 10/12/2007, -2/+17TempusRob:

      192.168.0.1
    • bias, on 10/12/2007, -4/+3@netposer
      Well, not everyone is no good by default. Just you, because you are an idiot. There are people/companies out there selling pirate copies of Windows out there, which customers could purchase without knowing that it's an illegal copy. By using the WGA Microsoft can sell a copy of Windows to the "Conned" customer and more likely to identify the pirate Windows seller by the customers' help. It's actually quite fair for Microsoft to do that, because they really don't have responsibility to support the customers who purchased the pirate copy knowingly or by accident.
    • nogami, on 10/12/2007, -0/+12Submitter: You are confusing anti-piracy with anti-theft. Two totally separate things.

      Basically what this article says is that the units will lock if stolen - says nothing about pirated software (probably because they're running an open-source OS).
    • jues, on 10/12/2007, -0/+8@dt40:
      127.0.0.1 ?
    • coredump0x01, on 10/12/2007, -0/+8wesamel
      This is true, and this article is pure FUD. Notice how the digg headline is intentionally twisted to make OLPC look bad? Whereas the word(s) "piracy" "pirate" and "pirating" do not occur once in the actual article. And how does one pirate open source software?

      I don't mind there being MS employees on Digg, but please keep your marketing in the marketing department.
      Thanks for a good laugh, estvir.
    • Terc, on 10/12/2007, -0/+2OLPC's protection, assuming it holds up against hackers is a sad, but necessary evil. Just one of these PCs is worth nearly a year's wages to most of the people that will be using or distributing them. Doesn't take much to realize the obvious temptation to sell them off.
    • jeremy66158, on 10/12/2007, -1/+2Why didn't mine get Dugg 5 days ago? I'm mad at estvir

      http://digg.com/tech_news/One_Laptop_Per_Child_Has_Remote_Kill_Switch_Should_Anyone_Try_To_Resell_One
    • broomett, on 10/12/2007, -0/+1netposer...it is absolutely NO different than a store, or a casino, having mirrors and cameras to prevent theft.

      You can bitch like the pussy that you are, but it would be idioitc for Microsoft to NOT do this.
  • freehunter, on 10/12/2007, -2/+37This isn't anti-piracy, this is about laptops being stolen with sensitive data on them. If they are stolen, the kill switch engages. Piracy =/= theft.
    • UltimaNut, on 10/12/2007, -21/+2THIS WAS SUPPOSED TO BE A REPLY TO FREEHUNTER. WTF is wrong with digg lately.

      @freehunter
      Who the hell is going to use one of these things for 'secure data.They are cool. I will buy one but some on.
    • D3koy, on 10/12/2007, -1/+9@Ultimanut

      I think the problem is on your end...you reply IS to freehunter....
    • Prysorra, on 10/12/2007, -7/+1Who the hell would give sensitive data to a child?
    • DisposableRob, on 10/12/2007, -0/+14"This isn't anti-piracy, this is about laptops being stolen with sensitive data on them."

      One of the reasons the laptop look like kid's toys is to dissuade the theft and black market sales of the laptops. They want the laptops to go to the intended audience, kids who need an education, not warlords looking to make a profit. This is basically another tactic to do this. The submitter is is being a little FUDdy with the headline in comparing it to WGA.
  • nhassan, on 10/12/2007, -9/+1god, were gonna be ***** in the future, if they develop things like this, in large scale.

    **btw, i didn't read the article yet, just read the little summary thing**
  • Darkestblaze, on 10/12/2007, -1/+1What the article doesn't mention is *how* the laptops do this. Yes, it authenticates over the internet, but is this safeguard part of the BIOS, or is it just some software that could easily be bypassed by formatting and putting a new OS on the box?
    • D3koy, on 10/12/2007, -2/+3it's a OLPC box, I doubt you'd want to fuss around too much inside...Last time I checked it didn't even have a color screen...
    • firefoxman, on 10/12/2007, -0/+1@Darkestblaze

      If it is over the internet, it is probably a OS thing, but I think they won't let you mod the laptop too much.
    • inkyblue2, on 10/12/2007, -1/+1the actual details:

      968 8.19. P_THEFT: anti-theft protection
      969 ------------------------------------
      970
      971 The OLPC project has received very strong requests from certain countries
      972 considering joining the program to provide a powerful anti-theft service that
      973 would act as a theft deterrent against most thieves.
      974
      975 We provide such a service for interested countries to enable on the laptops. It
      976 works by running, as a privileged process that cannot be disabled or
      977 terminated even by the root user, an anti-theft daemon which detects Internet
      978 access, and performs a call-home request -- no more than once a day -- to the
      979 country's anti-theft servers. In so doing, it is able to securely use NTP to
      980 set the machine RTC to the current time, and then obtain a cryptographic lease
      981 to keep running for some amount of time, e.g. 21 days. The lease duration is
      982 controlled by each country.
      983
      984 A stolen laptop will have its (SN, UUID) tuple reported to the country's OLPC
      985 oversight body in charge of the anti-theft service. The laptop will be marked
      986 stolen in the country's master database.
      987
      988 A thief might do several things with a laptop: use it to connect to the
      989 Internet, remove it from any networks and attempt to use it as a standalone
      990 machine, or take it apart for parts.
      991
      992 In the former case, the anti-theft daemon would learn that the laptop is stolen
      993 as soon as it's connected to the Internet, and would perform a hard shutdown
      994 and lock the machine such that it requires activation, described previously, to
      995 function.
      996
      997 We do not expect the machines will be an appealing target for part resale. Save
      998 for the custom display, all valuable parts of the XO laptops are soldered onto
      999 the motherboard.
      1000
      1001 To address the case where a stolen machine is used as a personal computer but
      1002 not connected to the Internet, the anti-theft daemon will shut down and lock
      1003 the machine if its cryptographic lease ever expires. In other words, if the
      1004 country operates with 21-day leases, a normal, non-stolen laptop will get the
      1005 lease extended by 21 days each day it connects to the Internet. But if the
      1006 machine does not connect to the Internet for 21 days, it will shut down and
      1007 lock.
      1008
      1009 Since this might present a problem in some countries due to intermittent
      1010 Internet access, the leases can either be made to last rather long (they're
      1011 still an effective theft deterrent even with a 3 month duration), or they can
      1012 be manually extended by connecting a USB drive to the activation server. For
      1013 instance, a country may issue 3-week leases, but if a school has a satellite
      1014 dish failure, the country's OLPC oversight body may mail a USB drive to the
      1015 school handler, which when connected to the school server, transparently
      1016 extends the lease of each referenced laptop for some period of time.
      http://dev.laptop.org/git.do?p=security;a=blob;hb=HEAD;f=bitfrost.txt#l968
  • MAJORstrasser, on 10/12/2007, -2/+4This is all software based like WGA, right? So why not do something similar to what I do to get around WGA: install another version of Linux.
    • MAJORstrasser, on 10/12/2007, -0/+4OK, so I read the white paper OLPC put up on security...somewhat interesting. Anyway, I stand corrected: it's not all software based. They put an SPI flash chip on there with two identifiers (serial # and UUID) that are used to activate the laptop before it can be used. So, maybe it's a little more in depth than getting around WGA.

      Oh well, guess that just means I'll have to put away my best friend, my Knoppix Live CD, and take out my second best friend: the soldering iron.

      If you're interested in the white paper, here's the link. The security details start on line 268.

      http://dev.laptop.org/git.do?p=security;a=blob;h=96f4997602d817abf7be90a00bf68b3a79a73005;hb=HEAD;f=bitfrost.txt
  • Prysorra, on 10/12/2007, -4/+8I see this as a national security *threat* disguised as a solution.

    What's to stop the manufacturer from shutting down a nation's computers? Hell - what if *hackers* do it?
    • aliengoods, on 10/12/2007, -2/+2Exactly. And even if the computer won't start, whats to stop a thief from removing the flash drive/hard drive and retrieving the data. Seems like simple file encyption is far more effective than a kill switch. That way even if the laptop is stolen, the thief still can't access the sensitive data.
    • Pyrogen, on 10/12/2007, -1/+4Are you folks aware what these computers do? They're for CHILDREN. One Laptop Per Child. The only sensitive data going on the things is things children put on them.
    • zcat, on 10/12/2007, -1/+4From my understanding, the "owner" (Government or education department of the country that paid for them) holds the keys, not the OLPC project.

      Also any kid that gets advanced enough to start rewriting BIOS code can apply for a special developer key that will let them reflash the BIOS of their own laptop. That key is unique to their laptop and won't give them access to any other.

      Nothing at all like WGA.
  • ElFredo, on 10/12/2007, -1/+9Buried for sensationalist title. Submitter should have kept the original title: "OLPC's XO laptop comes with anti-theft kill-switch in select countries". Anti-theft != anti-piracy. Given that OLPC targets kids, it could also prevent racketing.
  • minigamer1896, on 10/12/2007, -2/+1Ok, so we have a hardwired timed kill-switch. No biggie. I can see how some people would freak out with this, but it is a very good idea for the OLPC project.

    However, this could also serve two ways, as if this remote-kill idea does work than it can also be applied to the corporate world (after some more development so as to remove the ability to disable the remote kill via removing/modding the appropriate chip) so as to greatly reduce the amount of thievery of laptops, Blackberries, etc. Given that the major developed countries are almost covered via cell networks and have numerous hotspots, it wouldn't be that hard to reduce the time limit to an appropriate amount depending on the need for the given device at that point in time, not to mention if it is stolen, then a signal could be pinged back to the device when it reports so as to kill it. Seeing how we can put a password on some of today's HD's, we could also add a kill switch to them also so as to make it even more difficult to obtain confidential information if the person is careless. A big downside of all this is that we'd have to be more careful about what we get off of eBay if this (unforeseen?) portion of the project does come to pass.
    • klawz, on 10/12/2007, -0/+2quote
      A big downside of all this is that we'd have to be more careful about what we get off of eBay if this (unforeseen?) portion of the project does come to pass.
      /quote

      That's the whole point. I'm sure you heard of the "non-scrubbed" used hard drives, that were formerly owned by a bank (and the many other similar stories of such type of items bought off ebay) - this will help in those endeavors. And buying stuff off of ebay will ALWAYS be a risk. Risk management 101, don't buy something off ebay if you can't afford to lose the money you think you're paying.
  • BlackCow, on 10/12/2007, -0/+3A kill switch? I bet Tracer Tong can deactivate it!
  • mr.hostility, on 10/12/2007, -2/+3Fdisk and put a pirated copy of Windows on it? :-P
  • krazyjim, on 10/12/2007, -1/+1Mobile phones have a similar feature (or at least ones running on GSM) - if your phone gets lost/stolen you call your provider up and tell them your phone's serial number and a password/PIN you have with them and they'll remotely disable it.
    This is a similar thing; the exception being there's no always-on data network available so the timer and the internet are used instead, which seems OK to me, this will probably prevent theft of the devices for the most part, excepting people smart enough to open them and put their own OS on it by replacing the ROM.
    The 21 day limit seems reasonable assuming the laptop will be used regularly, if it isn't then the inconvenience getting it reactivated is probably worth the peace of mind.
    I don't think this is something to get hyped up about, as long as the operator doesn't start imposing stupid restrictions on them.
  • foolonthehill, on 10/12/2007, -1/+4This sounds awfully familiar:

    http://www.linuxgenuineadvantage.org/
  • dynacrylic, on 10/12/2007, -3/+1I like how the OLPC program is now expanding to governments who "have all committed to buying the laptops for their citizenry". What the hell happened to C in olpC- for child?

    I still don't understand what the big hub-bub is on locking these things down. Now there worried about a security theft device for olpCHILD laptop for their citizens! WTF! Do they also want GPS too? I mean you might as well just track down the person who stole the laptop while you at it- especially since the laptops are only $150!

    This is getting a little ridiculous!


  • totorototoro, on 10/12/2007, -3/+2So basically, the whole idea is to give kids an open-source, totally customizable computer to expand their creativity, yet have the whole thing still controlled by someone back home via a rootkit-like override...just in case.
  • SpongeBad, on 10/12/2007, -2/+1One concern around this is that it makes all these laptops easily identifiable when they connect to the Internet. Corrupt governments in third-world countries can then track the actions of people trying to rise up against dictatorship and censorship using these types of tools, and because the laptop won't work unless it's "validated", the dictatorships can remain in place.

    Maybe this is the price that has to be paid in order to prevent kids with these laptops from being mugged for them, though. Maybe they should have hardware limited them to only run Windows Me...then nobody would want them.
    • erqua, on 10/12/2007, -1/+0OLPC laptops are for primary school kids, not first year university students.
  • s11mac, on 10/12/2007, -1/+4This is a measure against theft and sale of these laptops in black market and it is Not an anti-piracy measure. The submitter is an ass who made up a sensationalist headline.
  • guerrilla_suit, on 10/12/2007, -2/+1The only way to prevent a black market for these things, is to release them to public.
    They have already mentioned some challenges to releasing them to the public, but it's a reality they are going to have to deal with.

    I'm sure if they are released to the public the fervor will die down a little bit.

    The title is bogus, as the OS is basically linux. You can download beta versions of it from their site.
    • totorototoro, on 10/12/2007, -0/+1The OS is basically Linux, and the OLPC is basically a computer running Linux...except for the flash chip with the two ID numbers that identify it once its activated. I doubt most other Linux computers have that feature added for your admin to control.
  • sputza, on 10/12/2007, -1/+2This whole thing is based off the presumption that they have internet access.

    "Argentina, Brazil, Libya, Nigeria, Rwanda, Thailand and Uruguay" are not exactly high up the internet penetration list. To illustrate my point:
    http://www.internetworldstats.com/africa.htm#ng
    "5,000,000 Internet users as of Sept/06, 3.1% of the population"
    • erqua, on 10/12/2007, -0/+0The OLPC laptops have a built in mesh network capability. It connects wirelessly to the nearest peer, who connects to another nearby peer, etc. If only a few of these are connected to the Internet, the whole group are online. Not enough for everybody to download video from youtube, but enough for webbrowsing. And to check if the laptop is marked stolen.
  • evilgold, on 10/12/2007, -0/+1WGA is to stop software piracy. This is top stop laptop theft, there is a rather big differance between stealing a computer, and stealing a program. Besides that, these systems run linux, its not possible to pirate somthing thats already free.

    On a side note: nothing will make WGA look friendly becuase WGA is an insult to users. To me it looks like microsoft is saying that they dont trust people who use there systems. However instead of reccomending they use a free alternative, they opt to simply lock out users who pirate (and some who dont) the OS, Whenever someone tells me they have a WGA problem, I hand them a copy of ubuntu, fixes it every time.
    • broomett, on 10/12/2007, -0/+1Not really. The software costs more than the computer.
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.