Opened 11 years ago

Closed 11 years ago

Last modified 10 years ago

#75 closed task (duplicate)

Internet based backup and recovery of user files

Reported by: CarolineM Owned by: martin.langhoff
Priority: major Milestone: Unspecified
Component: Sugar on a Stick (SoaS) Version: Unspecified
Severity: Blocker Keywords:
Cc: martin.langhoff@… Distribution/OS: Unspecified
Bug Status: New

Description

Use Case:
For Sugar on a stick we need to back up user files to a hosted schoolserver and be able to recover them on a new stick.

It would also be able to mark a particular stick as lost and then turn off access to user files on that stick.

Change History (11)

comment:1 Changed 11 years ago by mungewell

I may be misunderstanding what you wrote; did you mean 'turn off access _for_ that stick' ie. de-auth a particular stick to prevent access to school server?

If not, please read on....

Turning off access to the user's files stored the on the USB stick is both difficult and subject to abuse/attack.

At present the files are stored as a datastore within whatever persistence file/partition the LiveCD/USB uses. Often this is simply an ext2/3 filesystem within a file, which is overlaid on the CD filesystem. A simple 'mount' command will mount this file to make the datastore accessible (even if the names of individual journal items are garbled).

If the LiveUSB is used on a PC without internet access there will be no method to trigger the 'lock files' action.

If the datastore is not 'shredded' the files would still be accessible using another OS to access the USB drive.

The only real way to protect the files is to use some form of encrypted filestore, but this would require user authentication on boot - probably something that a 5 year old could not handle.

Is the protection of the user data that important? I believe that the security features of the real XO are more as a deterent to theft/black market trade of the hardware itself.

Mungewell.

comment:2 Changed 11 years ago by CarolineM

hmmm, you are certainly right. We are in no way protecting against anyone who wants to look at anything on someone elses stick if they have the stick.

Here is the use case I am imagining.

Student loses the stick and goes to the teacher. Teacher, the cat ate my stick. The teacher goes to a web page and reports it lost and makes a new stick for the student.

I think there is some value to having a stick that is reported lost, if someone trys to use it, have it say "I'm lost please return me to the office" and not let itself be used.

I think the big problem if we don't do that is that a week later they find the old Stick and start using it. They now have different journal files on 2 sticks. Very confusing potentially.

But I agree this is not a huge priority.

comment:3 Changed 11 years ago by mungewell

Following from an IRC conversation:

It appears that there is no 'introduction' process where a teacher can introduce a XO to a XS, this would be extremely useful for the requested features of this bug report.

If access can be limited to introduced XOs and the account/data store on the XS be limited to the the introduced XO then you can achieve most of what you want. Each XO user session contains a pub/private key pair (in /home/olpc/.sugar/default/owner.key), these could be used to identify/authenicate the XO to the XS.

If lost, the replacement XO could be introduced as the new machine for student 'Johnny' and the access to the XS from the old XO would automatically be revoked.

The use of pub/private key and challenge/response would prevent spoofing or replay attacks.

comment:4 Changed 11 years ago by bernie

  • Bug Status set to Unconfimed
  • Distribution/OS set to Unspecified
  • Severity set to Blocker

Is this assigned to me by mistake?

Or would you like me to setup a schoolserver with enough disk space for the backups?

comment:5 Changed 11 years ago by FGrose

  • Bug Status changed from Unconfimed to New
  • Cc martin.langhoff@… added
  • Distribution/OS changed from Unspecified to SoaS
  • Type changed from defect to task

comment:6 Changed 11 years ago by CarolineM

Hi,

We are getting very close to having kids using SoaS it would be great if we could back up their files to an XS server and be able to recover in case their stick fails or is lost.

Does anyone know how far we are from being able to do this and what tasks need to happen to make it a reality?

comment:7 Changed 11 years ago by CarolineM

Hamilton of Solution Grove is working on this with Marin and others. Making decent progress towards registration, backup and restore of SoaS.

comment:8 Changed 11 years ago by bernie

  • Owner changed from Bernie to martin.langhoff
  • Status changed from new to assigned

Why was this bug assigned to me? It's probably Martin's business :)

comment:9 Changed 11 years ago by CarolineM

  • Resolution set to duplicate
  • Status changed from assigned to closed

Next step on this is Ticket 916.

I'm going to close this general one and we can work on more specific issues.

comment:10 Changed 10 years ago by sascha_silbe

  • Distribution/OS changed from SoaS to Unspecified

Bulk change distribution=SoaS -> component=SoaS

comment:11 Changed 10 years ago by bernie

  • Milestone set to Unspecified by Release Team
  • Version set to Unspecified

The feature requested by this ticket is largely implemented by Dextrose's backup/restore functionality: http://wiki.sugarlabs.org/index.php?title=Features/Backup_and_Restore

Except for the "report lost" part, which belongs to the schoolserver.

Note: See TracTickets for help on using tickets.