OLPC invites hackers to test, break 2B1's security systems
By Cyrus Farivar 
posted Oct 4th 2006 7:45AM
posted Oct 4th 2006 7:45AM
One Laptop Per Child has put out a call out to hackers attending this past weekend's Toorcon computer security conference, asking them to assist in breaking the 2B1 laptop "before there is a billion of them out in the field," according to TG Daily. A representative from the project, Ivan Kristi?, said at Toorcon that the OLPC will "create the largest monoculture in history" and that it has the potential to spawn "very scary" security problems. In particular, the 2B1 computers can transmit code from one computer to another in a mesh network to share programs, documents and media, and an uplink alike. In addition, the computers will serve as their own backup, using another laptop to restore the one on the fritz -- which requires a secure and unaffected disk image. Surely NickNeg doesn't want his pet project of millions of computers to turn into legions of zombies that do nothing but issue DDoS attacks or spam campaigns.
"San Diego (CA) - On October 2, 2006 we printed an article titled, "Hackers invited to break the security on $100 laptops" which detailed a talk given by Ivan Krstic at the Toorcon computer security convention. While we believe the article is accurate, we've pulled it because the talk was given off the record.
Krstic's talk about the OLPC (One Laptop Per Child) was part of a series of 5-minute "lightning" talks meant to replace the cancelled David Maynor and Jon "Johnny Cache" Ellch talk. Apparently just before I walked into the room the speakers were assured by Toorcon staff that the talks were off the record."
hmmm... interesting
The OLPC project is a great one and I think this is a good idea..
However, if anyone does try to exploit these little darlings when they are eventually produced, I will hunt you down and begin chewing on your fingers/toes/nose/etc.
I'll bring the ketchup...
Awwww how could any hacker try to hurt a laptop with those cute kids on the screen?
But seriously I had no idea the interconectivity of those were going to be so extensive. But getting all of them to be "zombies" wouldnt be likely scince they would only be exchanging data with local machines (I hope).
Good luck if anyone tried to hack the LinuxBIOS of the 2B1 laptops. They have a damn secure BIOS update method: http://www.olpcnews.com/software/operating_system/a_secure_2b1_bios_up.html
why so much fuzz... its just a laptop for poor ppl
How would it be possible to even get your hands on one of these machines? I know a lot of people (including myself) that would gladly pay twice or three times the price (which could go to help benefit this project even more) to try one out. I guess this is going to be an invite-only kind of function though. With all of the interconnectivity these machines have I think it's only a matter of time before an exploit is found (you know the old saying, the only secure PC is a standalone PC... with regards to outside attacks), I just hope it's patched/taken care of before it causes much damage when it happens.
- Tony R.
Here's a copy of the original TG Daily article:
http://tomshardware.co.uk/2006/10/03/toorcon2006_olpc_securityrisks/
flash forward to a post apocalyptic mad-max styled era: botnetted OLPCs litter the landscape trying to push advertising for pig-manure fuel and death-battle arenas down your throat.
please please don't put hovering or lasers into the OLPC - it might seem like a nice thing to do for the 3rd world.. but i'm sure this is how skynet is going to start.