B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
Linux can easily be made very secure. If anything this new unknown OS (and perhaps even closed source code) is untested and open for attacks.
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
KasperskyOS Released after 14 Years of Development
- Thread starter Megalith
- Start date
Linux can easily be made very secure. If anything this new unknown OS (and perhaps even closed source code) is untested and open for attacks.
This is true: you are entitled to your opinion no matter how uninformed it is.
There is a standard joke in the tire industry, "We reinvent the wheel every day." It's called specialization. None of the OSes or RTOSes currently in use were designed for today's IoT device needs. The Internet is a very hostile place for a computing device, and new approaches are necessary to protect all those devices that will soon be connected to it and to which we will be dependent.
So you think Linux's open source for an all to see kernel vs. an unknown new OS is more open to attacks when it was built from the ground up for security? I think now you are just looking for any loophole to dig you out of that hole?
It can be made more secure than general distros, but even so all you are doing is adding additional access controls on top of something that was designed to be open and flexible. Because of that it can never be as secure as an OS (RTOS really) designed to be secure from the start. For example, this Kaspersky OS makes it difficult to configure the system to be insecure. Many of the bad/lazy habits that have left existing devices open to intrusion are not allowed. For example, the access relationships between every program and every resource must be explicitly defined to the security server. This alone closes off many attack vectors and is not something that can be added on top of an existing OS like Windows or Linux.
Excuse me!? What do you think Linux is? What do you think open source is? What do you think most of computing is?
Would be interesting if any defense companies take this up especially for SCADA and Weapons control as this would be a nice alternative if they can keep it on X86.
As nice as it is to have a warship run on Windows XP/7 (yes I am dead serious) it has its issues. No one is laughing when a BSOD due to a mistype in cmd.exe causes a fit in the switchboard and the lights go black knocking out Ops (seen this... had a chuckle after I roasted the L3 rep).
And Windows 10 as a SCADA host.... ROFLMAO!
As nice as it is to have a warship run on Windows XP/7 (yes I am dead serious) it has its issues. No one is laughing when a BSOD due to a mistype in cmd.exe causes a fit in the switchboard and the lights go black knocking out Ops (seen this... had a chuckle after I roasted the L3 rep).
And Windows 10 as a SCADA host.... ROFLMAO!
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
One of the inherent problems of linux is fragmentation. If all resources would be combined to produce fewer distros the end result would be far better. A totally new OS with no shared code is the worst form of fragmentation.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
You don't need a 'distro' with an embedded device. Just a kernel, a couple of libraries and some target specific code. It can be completely locked down to the level of having read-only filesystems. OEMs are just cheap and lazy which is why we have all the security problems.
BulletDust
Supreme [H]ardness
- Joined
- Feb 17, 2016
- Messages
- 6,057
I love Windows embedded, an embedded OS with a GUI! No wonder the self serve checkouts are so slow.
I'd don't disagree with your comments on OEMs. They are indeed part of the problem. But if you think that it is possible to "lock-down" linux, or that having the file system set to read-only is some sort of ultimate form of security, you really don't get it. And that's part of the problem too - people designing and implementing internet connected devices that have no experience with embedded systems and/or computer security. Right now IoT is pretty much amateur hour, but if it is going to a real thing, the OEMs will have to get the pros involved, and that won't be cheap. The going rate is $70/hr and up for software engineers that know what they are doing in this area. System designers are over $100/hr.
B00nie
[H]F Junkie
- Joined
- Nov 1, 2012
- Messages
- 9,327
Sorry but a system being embedded is no rocket science. If you need to expose services, it can be done limited and securely as it is. The only problem is that OEMs cut costs and corners, they couldn't care less if their device is being used in a botnet as long as consumers buy them.
The people who are currently hacking the 'internet of things' are no magicians either, they're exploiting glaring security errors left in the devices. Amateur stuff.
I'm sure a part of the problem is that OEMs need to make the devices as easy to configure for use as possible. So they pretty much disregard any security and use whatever works as easy as possible.
Just a joke... No harm meant... I'm fiercely independent but I think the Liberal agenda toward Russia is a farce!
What's this liberal agenda towards Russia?