Language Selection

English French German Italian Portuguese Spanish

Intense and thoughtful ranting from the OLPC front

Filed under
OLPC

Ivan Krstić has made his way into this blog before. As OLPC’s former director of security architecture and one closely involved with their Peru rollout, his posts offered great insights into just how the XO worked (or was supposed to work) on the backend.

Now he, like Walter Bender, has left OLPC and posted one heck of a rant on Tuesday. Note that the language is a bit rough (Krstić pulls no punches and is obviously angry, so this probably isn’t a site to share with your middle school computer classes; for the rest of us, it’s quite a read).

Krstić, despite being able to run circles around most of us in all things computing, including Linux kernel programming, is no open source fundamentalist (as Nicholas Negroponte has called those who object to porting the Sugar user interface to Windows). However, here is his take on recent attention to Negroponte’s moves towards a Windows deployment:

OLPC should be philosophically pure about its own machines. Being a non-profit that leverages goodwill from a tremendous number of community volunteers for its success and whose core mission is one of social betterment, it has a great deal of social responsibility. It should not become a vehicle for creating economic incentives for a particular vendor.

More Here




More in Tux Machines

DOD Adopts FOSS

Red Hat and Fedora

Linux Kernel News

  • Linux Foundation smushes two smaller projects together to form Open Networking Automation Platform
    The Linux Foundation announced yesterday that it had combined open source ECOMP and the Open Orchestrator Project into ONAP, the Open Networking Automation Platform, with the aim of helping users automate network service delivery, design, and service through a unified standard. Jim Zemlin, executive director of the Linux Foundation, said that ONAP should be a boon to enterprise IT departments, thanks to improved speed and flexibility.
  • Linux Foundation merges Open Source ECOMP, OPEN-O, further harmonizes virtualization group efforts
    Open source ECOMP and the Open Orchestrator Project (OPEN-O) have merged to create the new Open Network Automation Platform (ONAP) Project, further harmonizing the ever-growing array of disparate virtualization groups. ONAP will allow end users to automate, design, orchestrate, and manage services and virtual functions.
  • I am a Cranky, White, Male Feminist
    Today, I was re-reading an linux.com article from 2014 by Leslie Hawthorne which had been reshared by the Linux Foundation Facebook account yesterday in honor of #GirlDay2017 (which I was regrettably unaware of until it was over). It wasn’t so much the specific content of the article that got me thinking, but instead the level of discourse that it “inspired” on the Facebook thread that pointed me there (I will not link to it as it is unpleasant and reflects poorly on The Linux Foundation, an organization which is in most circumstances largely benevolent).
  • encyclopedia snabb and the case of the foreign drivers
    Peoples of the blogosphere, welcome back to the solipsism! Happy 2017 and all that. Today's missive is about Snabb (formerly Snabb Switch), a high-speed networking project we've been working on at work for some years now. What's Snabb all about you say? Good question and I have a nice answer for you in video and third-party textual form! This year I managed to make it to linux.conf.au in lovely Tasmania. Tasmania is amazing, with wild wombats and pademelons and devils and wallabies and all kinds of things, and they let me talk about Snabb.

Security News

  • Security updates for Friday
  • [Older] Microsoft Delays February Patch Tuesday Updates Until Next Month
    It was created by Microsoft as a way to have a standard delivery date/schedule for updates that were being provided for the companies software. This allowed a lot of stability for users and IT Pros so they could be prepared for the monthly distribution oof the updates. Well this month Microsoft has hit a snag with their monthly Patch Tuesday.
  • Watershed SHA1 collision just broke the WebKit repository, others may follow
    The bug resides in Apache SVN, an open source version control system that WebKit and other large software development organizations use to keep track of code submitted by individual members. Often abbreviated as SVN, Subversion uses SHA1 to track and merge duplicate files. Somehow, SVN systems can experience a severe glitch when they encounter the two PDF files published Thursday, proving that real-world collisions on SHA1 are now practical.
  • Cloudflare Reverse Proxies are Dumping Uninitialized Memory
    Thanks to Josh Triplett for sending us this Google Project Zero report about a dump of unitialized memory caused by Cloudflare's reverse proxies. "A while later, we figured out how to reproduce the problem. It looked like that if an html page hosted behind cloudflare had a specific combination of unbalanced tags, the proxy would intersperse pages of uninitialized memory into the output (kinda like heartbleed, but cloudflare specific and worse for reasons I'll explain later). My working theory was that this was related to their "ScrapeShield" feature which parses and obfuscates html - but because reverse proxies are shared between customers, it would affect *all* Cloudflare customers. We fetched a few live samples, and we observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security. "
  • Secure your system with SELinux
    SELinux is well known as the most sophisticated Linux Mandatory Access Control (MAC) System. If you install any Fedora or Redhat operating System it is enabled by default and running in enforcing mode. So far so good.