Remember when you first heard about One Laptop Per Child, and you started to visualize thousands of "$100 laptops" going to poor children in the developing world. What was one of the first concerns that came to mind? Maybe "XO theft"?
Nicholas Negroponte likes to dismiss this concern with his "post office truck" anti-theft logic as told to the World Bank:
there are thousands of cars in the United States stolen each day, but not one single post office truck has been stolen in the history of the United States. The reason is that there is no secondary market for post office trucks because they look like post office trucks.Well with all the hype around XO laptop distribution in Peru, it looks like his belief in distinct looks to safeguard laptops isn't holding up. Just a month after distribution, we have a OLPC armed robbery:
Three armed criminals robbed this morning 66 [XO] laptop computers for the school No. 31939, located in the human settlement of San Pedro, El Tambo district in the province of Huancayo, Junin, reported police sources.I wonder if, in the midst of tying up and beating the guard during the larceny, the perpetrators concerned themselves with Bitfrost? Or as Eduardo Villanueva Mansilla pointed out, often in poor countries, crime is a mixture of vandalism and actual stealing of anything that can be re-sold. And it doesn't take that much a criminal mind to realize XO's have re-sale value, one of the G1G1 unintended consequences.
While these specific laptops may be quickly replaced by OLPC in Peru, the innocence of XO distribution is now lost forever.
I was concerned about that when I bought mine on ebay. One thing to look for is the glossy little G1G1 note/certificate it comes with, but some legitimate second hand sellers might have lost that piece of paper.
So... Will they be disabled by not checking in to Bitfrost? Will there be a black market demand for Dev Keys? I never believed (or, really, could talk about or listen to with a straight face) the mail-truck story, so I really hope their secondary security methods were implemented fully in Peru and are set up to disable the stolen OLPCs.
The perps probably haven't the faintest idea what Bitfrost is, or they wouldn't have bothered doing this.
Or maybe they would, if all they want to do is fence the XOs. What do THEY care if the buyer of the stolen goods can't actually use the computer? It's not like the buyer would have any recourse if the XO suddenly bricked, by which time the thief would be long gone with the money.
Rotten scum. I hope they get caught.
This makes me SO UPSET I feel like YELLING!
sorry.
OK, when and if I have anything to do with a deployment anywhere, one of the FIRST, and I mean, BASIC, solidly, no nonsense, not waiting for anything, before I even bring in one single XO to a deployment, is a MASSIVE, and I mean, everywhere, campaign on how Bitfrost works. Doesn't need to cost much, a simple poster with the picture of the laptop saying that if you steal one, not only are you the vilest of criminals because you are robbing from children, but that the computer will not work after # days because of the protection mechanism that is built-in.
Radios will pick that up, they understand and like something that is a public service announcement, TVs will pick it up also, it will be the talk of the town. Insist on how vile and bottom-feeding crime it is, insist on how it is a community duty that these machines be safe. Just a brief mention of the safety thing, so as to not encourage too much some curious crazy geek to try his luck anyway.
One interesting possibility about Bitfrost protection for machines is that if it can be done before the machines are sent, that keeps local corrupt bureaucrats from getting wet lips. I do not know if it can be done that way at all, but it would be good, because there is a certainty that disappearances by the thousand will happen otherwise. It certainly works that way for any other kind of donations :-(
As to Dev keys being mishandled, I have no idea how it works, but dev keys being granted to developers should be tied to the MAC address of the machines concerned, and in very, very rare cases universal ones handed to people in the field that are servicing machines, and those universal keys should have time-expiration built in, so even if someone is careless or dishonest, the ability to Defrost is limited.
But if they can be misused, they will.
Oh well. Pray for VĂctor Espinoza Jara and Jhonny Cusipuma, that they not be blamed for this if they are innocent, and that we develop ways to really make this safe for everyone.
Yama,
I don't think Bitfrost matters, nor the knowledge about it. Theft, and even armed robbery, of laptops happens in every country.
For the have nots, a working computer may not be the main motive. The very act of taking from another can be pleasure enough. Selling it for a few bucks later, an afterthought.
Yama, I'm sorry to say this but your comments have very little to do with the realities on the ground. I stand for my previous remarks: crime in societies like Peru has a number of reasons quite apart from actual monetary gain. In this case, even if there is a large campaign about bitFrost or any other thing, two ideas will be in the minds of some of the too many criminals that live amidst my society in complete impunity: it can be made to work; even if it doesn't, some schmuck will fall for it. So, I expect that there will be more robberies, and I do pray that those are not muggings of kids, but warehouses or something like that.
Simple as that. The XO-1s are a wonderful thing but to think that crime won't happen here just because some technological measures or a communications campaigns is plain wrong. The one thing to be prepared is the backlash: a number of parents will react badly and request securities measures including keeping the computers in a safe area. That would be bad for the project and bad for the kids.
One little clarification: the place where the robbery occurred is not an isolated part of Peru, but rather a very poor neighborhood on the outskirts of Huancayo, a significant city in the Peruvian Andes. It is not the case that the robbers went into a rural community. I'm wondering what the computers were doing there since it is not the current targeted population. Perhaps (only perhaps) it was a way station.
The 1010 XOs that were shipped to the pilot deployment here came preactivated from the factory, much to my surprise. No activation key required - just boot up and go. We've been lucky, as I haven't heard reports of theft or misappropriation. I suggested to the school administrators that they should contact eBay and let them know that any XO sales from this area are likely fradulent. There are some G1G1s here, but not many. I don't know if they've followed up with that idea, though. There was also discussion about alerting the local pawnshops to keep an eye out, but again, I don't know if that was acted upon.
Several months ago, when Walter Bender was down here, I asked him specifically - what would prevent an unscrupulous person from acquiring a dev key via /home/devkey.html for a purloined XO. Currently nothing, was his answer, and the hope is that a gray market doesn't develop.
From what I understand, there is no such thing as a master development key. If you have the /security/develop.sig file on your XO, cat it and you'll see the SN of your machine. We got dev keys for all the XOs here so we could easily customize the build. Our single develop.sig is a huge, honking 1.1 MB file with all 1,010 keys in there. However, neither that file nor any individual dev keys were transferred to the /security directory on the machines that were deployed.
The only security issue I'm mildly concerned about is if it becomes widespread knowledge how to appropriate these machines for adult use. Call me an elitist, but your average thug isn't going to know what to do with them. It would take an unscrupulous person familiar with the security protocols and Linux to fashion any sort of widespread gray market for the XO. Let's face it: the XO as shipped isn't appealing for the adult consumer. That in itself is the best security measure, IMHO.
The machines that were stolen were activated (but not in the factory --- much, much closer in the supply chain to the point of theft). They were given limited time leases (less than a year). They will become useless at that time, unless recovered.
Peru must receive credit for being one of the first deployments to use the activation "in the field" mechanism of BitFrost. Unfortunately, there are scum everywhere in the world who will steal laptops. This could have happened in a school, the night before handing out the laptops. As another commenter pointed out, this was a little higher up the distribution chain.
Yes, BitFrost activation and development leases are unique to a laptop. There is no "master lease" which works on more than a single laptop.
More local advertisement of the anti-theft features of BitFrost are probably needed to help deter this kind of theft. Perhaps a volunteer movement writing in to editors of local papers ?
@John W:
Thanks for the update information; it sounds like most of the best procedures were followed, but the incident does remind us that the post-office-truck metaphor will simply fail, particularly without local community awareness and support -- and even then, it will still probably fail.
It's really too bad that the BitFrost security's activation/deactivation setup is so dependent on network connectivity to be usable. Is there any thought going in to how to get around that difficulty? Can the lease be "revoked" (I seem to remember that was possible in the spec), so that if they do connect to the network with the stolen XOs, they will brick, or will BitFrost not check for key revocation for the "less than a year" period?
On a related note; if the worst happens in a deployment and the government cancels the program, will all the laptops eventually brick due to expired leases like the much-maligned Circuit city "Divx" "DVD" players? Can a laptop be given an infinite lease?
John, let me be insistent: the people that may be interested in stealing these computers are not going to be deterred by a media campaign. The subtleties of bitFrost may sound as simple lies to make them believe that they shouldn't steal the machines.
Also, in Peru there are no real local papers and the few that exist (there's one in Huancayo as far as I recall, a flimsy leaf with little circulation) are not read by this particular "target audience". Radio may work better, but still, we're not talking about sophisticated, big-profit oriented robbers, but petty though violent muggers looking for small amounts of cash.
NN says there is no secondary market for Post Office trucks? My first vehicle was a lawfully purchased Post Office truck. I learned to drive in that truck (with the driver's seat on the right side). Yes, it looked like a Post Office truck, minus the USPS logotypes which were painted over.
The Peru list at laptop.org has been actively following this event, as you may imagine, and someone, bless his heart, has apparently already started campaigning locally about how if you see some grownup carrying an XO you should consider him to be a thief. But let's remember that in that part of the world community justice tends to be somehow difficult to appeal: robbers are killed, and their bodies burned (Bolivia, less than 3 months ago).
Now, what happens if an outsider, say one of the zillion dirt-poor private Christian schools around there, happens to have a few laptops that some silly American donated to them? What happens to some developer testing solar near the wrong hamlet? Worse, if he happens to have light-colored skin, which is known to have caused people to disappear when trekking alone...
Ditto in some way for the "postal truck" metaphor. Stealing a such a truck is a federal crime, punishable much more harshly than joyriding your neighbor's car. But all in all, we cannot rely on that, and this is not going to get any easier unless we come with something better.
Well, some people really suck! Sorry to hear about it [this story. I'm the "thief" shown in the picture attached to this story, but I swear I bought that XO! :-)