
Apple hires One Laptop Per Child security expert and noted critic


Apple has hired Ivan Krstić, the developer of the security architecture for the One Laptop Per Child project's XO system and subsequently a vocal critic of the failed OLPC program. Krstić is a prodigy security guru with anti-malware credentials.

MIT's Technology Review cited Krstić as a Young Innovator in 2007 for his work in developing Bitfrost, the innovative new security model used by the XO, at the age of 21. He joined the OLPC project with the task of developing a security system that would be easy enough for children to use and wouldn't require an army of support personnel to manage.

One element of the Bitfrost system is that all applications are sequestered into their own virtual operating system, with rule-based limitations placed on what permissions they can access and change on the system, according to the Technology Review. This effectively prevents a virus from doing anything dangerous on the system, or as Krstić told the publication, "This defeats the entire purpose of writing a virus."

Thinking differently

After serving as the OLPC's Director of Security Architecture, Krstić was involved in an effort to adapt the system from the specialized Sugar/Linux environment running on the XO to the mainstream Linux desktop. For Bitfrost to be effective, all applications on the machine must be aware of it, making it incompatible with preexisting apps. This calls for some way to adapt existing programs to the new architecture.

There may be some common ground shared between Bitfrost and Apple's iPhone security model, which segregates third-party apps into sandboxes that prevent them from accessing a communal PC-style file system or accessing hardware features such as GPS without the user's approval.

Apple's propensity for examining new and better ways to deliver functionality rather than just expected features has confounded pundits who can't understand why the company didn't make the iPhone work like every other phone, with a user-accessible, shared file system; a security-free copy and paste mechanism; unfettered application installation rather than mandatory code signing; and unrestricted background apps that require users to handle process management themselves. Krstić's original security development for the XO indicates a similar interest in discovering the new rather than pushing ahead old ideas out of convention.

In addition to the security model deployed for distributing iPhone software, Apple may soon reveal a similar effort to deliver secured software for Mac users; like the XO's Bitfrost and iPhone apps, this would require all software to be security savvy.

Apple has already pushed developers toward supporting application signing to enable Parental Controls, Managed Preferences, the Application Firewall included with Mac OS X Leopard, Keychain, Software Update, and other features that need to know that the applications they are working with are legitimate and not corrupted by malware. The next step may eventually include opening a software store for Mac users that enables secured software downloads at lower prices, just like the iPhone.

Krstić said in a blog posting that he "couldn’t be more thrilled" with his new position at Apple. His future with the company will likely be a stark contrast with his past in working with the politicized OLPC project.

Apple, Open, and OLPC

Nicholas Negroponte, who leads the OLPC effort, told his TED audience in 2006 that Steve Jobs had supported his early efforts building toward what would become OLPC with free Apple computer hardware back in the early 80s. However, when Jobs offered the OLPC project free use of Mac OS X software and engineering help, it rejected Apple's technology in favor of Linux, a decision supposedly based on the group's dedication to free and open source software.

Writing in defense of open software in the OLPC project, Copyrighteous blogger Mako Hill wrote that XO "laptop recipients will benefit from being able to fix, improve, and translate the software on their laptops into their own languages and contexts."

Negroponte's dedication to open source didn't last long, however. As its fortunes began to wane, the OLPC rolled out plans with Microsoft to deliver new XO machines capable of dual booting Windows XP, shortly after Microsoft and Intel unveiled their own plan to compete against the XO with a low-end netbook offering called Classmate, designed entirely to ensure that third world children wouldn't be exposed to computers running anything other than an Intel CPU and a Microsoft operating system.

Microsoft didn't even offer XP to the OLPC for free; the company's software licensing demands, plus the extra hardware required to run Windows XP, added another 10% to the target price of the XO system.

Krstić's scathing exposé on OLPC

As the OLPC project became consumed by Free Software politics and proprietary assimilation by Microsoft at the same time, Krstić left the group. A year ago, he penned an inside look at Negroponte's OLPC and its strange tango with FOSS and Microsoft.

Krstić took issue with Hill's Free Software advocacy which claimed that "OLPC needs to be uncompromising about software freedom," calling it "bright-eyed idealism [...] appealing, but alas, just not backed by fact."

"No, we don't know that laptop recipients will benefit from fixing software on their laptops. Indeed, I bet they'd largely prefer the damn software works and doesn't need fixing," Krstić wrote.

I switched to Mac OS X

Krstić added, "One of the favorite arguments of the free software and open source community for the obvious superiority of such software over proprietary alternatives is the users' supposed ability to take control and modify inadequate software to suit their wishes. Expectedly, the argument has been often repeated in relation to OLPC. I can't possibly be the only one seeing that the emperor has no clothes."

"After 12 years of almost exclusive use of free software, I switched to Mac OS X," Krstić wrote.

After describing problems with "vendors not releasing documentation that would make it possible for Linux to play well with their hardware," he added, "Until the day comes when hardware vendors and free software developers find themselves holding hands and spontaneously bursting into one giant orgiastic Kumbaya, that's the world we live in. So in the meantime, I switched to OS X and find it to be an overwhelmingly more enjoyable computing experience."

"My theory is that technical people, especially when younger, get a particular thrill out of dicking around with their software," Krstić said. "Much like case modders, these folks see it as a badge of honor that they spent countless hours compiling and configuring their software to oblivion. Hey, I was there too. And the older I get, the more I want things to work out of the box. Ubuntu is getting better at delivering that experience for novice users. Serious power users seem to find that OS X is unrivaled at it."

The OLPC mess

"OLPC was supposed to be about learning, not free software," Krstić wrote. "And the most upsetting part of the Windows announcement is not that it exposed the actual agendas of a number of project participants which had nothing to do with learning, but that Nicholas' misdirection and sleight of hand were allowed to stand."

"The whole 'we're investing into Sugar, it'll just run on Windows' gambit is sheer nonsense. Nicholas knows quite well that Sugar won't magically become better simply by virtue of running on Windows rather than Linux. In reality, Nicholas wants to ship plain XP desktops. He's told me so. That he might possibly fund a Sugar effort to the side and pay lip service to the notion of its 'availability' as an option to purchasing countries is at best a tepid effort to avert a PR disaster."

"In fact, I quit when Nicholas told me — and not just me — that learning was never part of the mission. The mission was, in his mind, always getting as many laptops as possible out there; to say anything about learning would be presumptuous, and so he doesn't want OLPC to have a software team, a hardware team, or a deployment team going forward."

Krstić later added, "That OLPC was never serious about solving deployment, and that it seems to no longer be interested in even trying, is criminal. Left uncorrected, it will turn the project into a historical information technology ["failure" Krstić used another word] unparalleled in scale."

Shortly after resigning from OLPC, Krstić wrote Negroponte, saying, "I continue to think it’s a crying shame you’re not taking advantage of how OLPC is positioned. Now that it’s goaded the industry into working on low-cost laptops, OLPC could become a focus point for advocating constructionism, making educational content available, providing learning software, and keeping track of worldwide [one-to-one] deployments and the lessons arising from them. When a country chooses to do [a one-to-one computer program], OLPC could be the one-stop shop that actually works with them to make it happen, regardless of which laptop manufacturer is chosen, banking on the deployment plans it’s cultivated from experience and the readily available base of software and content it keeps. In other words, OLPC could be the IBM Global Services of one-to-one laptop programs. This, I maintain, is the right way to go forward."

What's next

With his newfound interest in using technologies that just work, Krstić might seem a natural for joining Apple, which is all about making technology accessible to individuals.

Krstić is likely to contribute his expertise in developing security software. Over the last year, he reported having joined the advisory board for the Anti-Malware Testing Standards Organization, the technical working group of StopBadware, and the security response team of the Python project.

This week, Krstić posted on his blog, "After a great deal of deliberation, I moved to California and joined the local fruit vendor. Today was my first day on the job, and I couldn’t be more thrilled."