Could OLPC’s BitFrost Be A Model for For Future Mac Security?

Usually, certain personnel replacements can prompt that things are about to change in the company. Thus, the hiring of Ivan Krstić, creator of BitFrost, was perceived as a search for new security directions by Apple.

Noted as a Young Innovator in 2007 (his pet project, BitFrost, efficient and innovative security system appeared when he was 21), Krstić worked in the OLPC project. He was busy creating the security system that would be user-friendly and would not need the entire system to support it.

All elements of the BitFrost system are self-contained into a separate virtual OS. Specific rules limit the system’s field of operation and thus, distinguish what changes BitFrost can make and what files it can access. In such a way a virus trapped in the BitFrost environment has no possibility to harm the system as it has no access to system files.

New approach to security

As a Director of Security Architecture, Krstić had a goal of remodeling BitFrost’s framework as it required peculiar Sugar/Linux condition on the XO. To adjust it to standard Linux desktop, specialists had to make sure that all applications of Linux could cooperate with BitFrost. Thus, older version of BitFrost should be adjusted to meet the requirements of all other projects.

It should be mentioned that Apple and BitFrost share the same point of view regarding security approaches and the necessity of sandbox for outside applications. For example, apps installed in MacOS environment won’t get access to equipment elements without the user’s permission.

Apple devices, tools and soft are well-known for their uniqueness, more efficient and advanced approach to performance. Unexpected twists, absolutely new elements opposing to cloned handheld devices have become a brand identity of Apple. Experts of this market niche still cannot understand why Apple developers do not follow standard approach with a shared document framework, without system duplication; apps there act deliberately on the contrary to obligatory code markings. It is obvious that Krstić and his thirst for new unique technologies, approaches, and methods meet the requirements of Apple software – he can definitely contribute to replacing old traditions with the new ones.

Apple is going to introduce an ultimate approach to secure programming for Mac clients. This will require a certain connection between all products, and XO’s BitFrost also supports such approach. Today, Apple’s most useful and used features like Parental Controls, Application Firewall, and other components call for an environment where all apps, tools, and software would work in such a way that they do not require an additional check, are strongly protected from malware and receive the complete trust of the system. According to this, developers of Apple software should take into consideration all components of the system when creating new apps and tools.

Such approach in future can lead to the appearance of new Mac products with secure programming downloads at affordable prices.

Krstić definitely can achieve more on his new position in Apple rather than working with the OLPC as Apple proposes plenty of choices, directions, and possibilities where to work.

Connecting Apple, Open, and OLPC

According to Nicholas Negroponte, one of the guiding figures at OLPC, in the mid-80s, Steve Jobs made some efforts to combine products and create something like OLPC with free Apple PC equipment. For better or worse, the offer to OLPC to use MacOS X programming for free devaluates Apple’s contribution to Linux, and as a result, diminished possibilities of free and open source programming.

Still, open programming in the OLPC extend created a possibility to adjust and improve different products on user’s handheld devices according to their needs, settings, and preferences.

Despite all love to open source, Negroponte took a new direction for his company and started to cooperate with Microsoft. So, new OLPC machines were adjusted to fit the requirements of Windows platform as it was more profitable for the company in comparison with creating and sharing open source software. One of the main reasons for that was the intention of Microsoft and Intel to build a low-end notebook called Classmate together with the XO. A contribution to Classmate creation was a wish to introduce the third-world kids with the frameworks of Intel CPU and Microsoft, so their perception of computers would be influenced by these two platforms.

Of course, Windows XP platform was not presented to OLPC as charity: the price for the XO framework added another 10%, plus the product required some additional equipment.

Krstić’s leg bail

Free Software governmental issues have become one of the main points of the OLPC extend, cooperation with Microsoft raised a lot of new questions, and at that time Krstić left the company. In a year, he commented strange connections of OLPC with FOSS and Microsoft. He highlighted that OLPC could not take advantage of all programming possibilities as the decisions that seemed splendid at first glance, later appeared to be disadvantageous and could not be supported with confidence. There was no clear evidence that settling programming on tablets would be profitable; in fact, this action was not that necessary, so it is a waste of time and money.

Why MacOS X?

Free programming and open source provide a wide range of possibilities and opportunities to users as they get a chance to take control and create something unique and customized. This totally hits the spot of their needs and wishes. As a result, a point of view about OLPC extend has changed.

After 12 years of selective utilization of free programming, Krstić’s choice of MacOS X was the best and expected decision. There are always issues with documentation for open source or free software, so it is quite difficult to make Linux work with the chosen equipment more efficiently. Until the day when merchants and engineers would come to a certain agreement, it would be better to switch to MacOS X, as many caring programmers did.

It seems that programmers, especially young ones, are fond of going back and forth with their product. They take it as a sign of commitment – spending hours and hours polishing their product to perfection. In addition, the more experienced they get, the more things they can improve. It seems that they will never end this process of perfection as there is always room for improvement. However, clients clearly see that OS X is much better than that.

Issues of the OLPC

Free programming should not be one and only interest of OLPC, as much prominence should be given to learning. There are many people who do not realize the real purpose and motivations of connection with Microsoft, and the director himself cannot clearly explain it. The fact that they support Sugar won’t bring them success just because it runs on Windows instead of Linux. The choice of Sugar with an explanation that it is a choice to obtaining nations – it is a complete HR failure.

Learning never was a part of the mission at OLPC. That’s why there are no product groups, or equipment groups, or organizational groups – they simply try to create as many portable workstations as possible. And that is the main reason why highly qualified, skilled, and motivated specialists (like Krstić) leave OLPC. If they continue the same line, it could lead to the most disastrous repercussions.

From the communication between Krstić and Negroponte, it becomes clear that Krstić regrets that all the capacity of OLPC is not used to the max, although it has plenty of possibilities and choices. OLPC could be a standard-bearer of learning programming, push constructionism, and monitoring arrangements. With a creation of a coordinated PC program, OLPC could become the very place where people could get their portable workstations according to their needs of organization design. And as a result, OLPC could become the IBM Global Services of coordinated PC programs.