Apple lands OLPC security whiz -- more secure products on the way?
Twitter tipster Rich Mogull of TidBITS provided us with a ping pointing to ZDNet's Zero Day page, where blogger Ryan Naraine broke some good news today. The news? The ex-director of security architecture for the One Laptop Per Child project, Ivan Krstic (at right), has gone to work for Apple. He'll be focusing his attention on core operating system security.
Krstic's innovative Bitfrost security specification, part of the overall OLPC initiative, essentially negates the effect of any virus by running every program on the computer in its own virtual operating system. By doing this, no malware can spy on user keystrokes, futz with files, or steal data.
According to a 2007 article by Naraine, Bitfrost has five primary goals, all of which are targeted at making the OLPC one of the most secure platforms available:
- No user passwords -- the security of the device cannot depend on the user's ability to remember a password
- No unencrypted authentication -- no cleartext passwords, no use of Ethernet MAC addresses for authentication
- Out-of-the-box security -- The device should be secure out of the box, without the need to download security updates if at all possible
- Limited institutional Public Key Infrastructure -- Don't rely on public keys to validate the identity of device owners
- No permanent data loss -- Information is to be replicated to some centralized storage place so it can be recovered if the device is stolen, destroyed, or lost
Get a WordPress.com Blog
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Zach Jones said 10:47PM on 5-13-2009
TBH I am happy to hear this. Security is #1.
Reply
Ariel said 11:41PM on 5-13-2009
Hopefully by Mac OS X v10.7 this guy's work will finally silence those die-hard PC fans who say that Mac is not secure.
Reply
brian said 11:59PM on 5-13-2009
i agree with you 100%
xaco said 11:30AM on 5-14-2009
True cloud computing solutions?
Zapper of the term "security"?
That would be fun.
Reply
Daniel Brusilovsky said 1:14AM on 5-14-2009
This was actually announced almost one year ago according to Krstics's blog...
Reply
Ed said 3:19AM on 5-14-2009
That's not what he says...
"About a year ago, I left One Laptop per Child and decided to find a new adventure. [...] Today was my first day on the job, and I couldn’t be more thrilled."
Posted on Monday...
PFar said 3:20AM on 5-14-2009
I hope this is a pre-cursor to iPhone firmware 2.x. I really need something to care of the frequent application crashes.
Reply
PFar said 3:23AM on 5-14-2009
Okay ignore this last comment:
"I hope this is a pre-cursor to iPhone firmware 2.x. I really need something to care of the frequent application crashes."
Auto-text mix up.
Anyway what I wanted to say is that this is absolutely awesome news. Bitfrost has some excellent design goals. The more this can be rolled into Mac OS X the better.
Reply
Frankie Teo said 5:58AM on 5-14-2009
Hope this guy puts a serious VM technology on iPhone OS and Mac OS that ensures complete immunity to virus and crap like that. The tech behind what Ivan did was pretty amazing for very low-end hardware before. His background in serious supercomputers helps a great deal. Hopefully making Snow Leopard light years ahead of Win 7.X ???.
Reply
Nick F said 6:09AM on 5-14-2009
Congratulations to the poster for a blog item that's interesting, relevant, timely, not blatantly self-interested, and important. Great stuff. A fine example of what a good blog should be all about.
The rest of the TUAW team could learn something here.
Reply
Adrean said 9:37AM on 5-14-2009
I TOTALLY agree.
Excelent post.
Looking forward to his work on apple. Good news indeed.
alf said 11:41AM on 5-14-2009
just remember in all this - NOTHING is ever 100% secure!
Reply