Linux Kernel Defence Map – Security Hardening Concepts

159 points | transpute | 11 months ago | github.com

20 comments

anthonyryan1 | 11 months ago
This is by the author of the very helpful kernel-hardening-checker: https://github.com/a13xp0p0v/kernel-hardening-checker

An interesting tool for analyzing your personal kernel config file and pointing out areas for security improvement. It's more comprehensive than KSPP (https://kspp.github.io/) but sometimes goes a little too far, suggesting disabling kernel features you may actively use.

Definitely worth trying!

egberts1 | 11 months ago
This is the way.

Close all avenues, then only open what you exactly need.

nine_k | 11 months ago
The number of defenses is pretty impressive. The number of out-of-tree and commercial defenses is also impressive. The amount dedicated to specifics of C (UB, bounds checks, use-after-free) is relatively small.

It would be interesting to compare to, say, OpenBSD, with its apparently numerous security and defense-in-depth features.

zie | 11 months ago
> It would be interesting to compare to, say, OpenBSD, with its apparently numerous security and defense-in-depth features.

I'm not sure that would be a very fair comparison. A lot of OpenBSD security comes from just skipping giant swaths of stuff. Advanced filesystems are non-existent, Bluetooth is non-existent, etc.

I haven't done a count lately, but I would guess the Linux Kernel alone is larger than the OpenBSD base system. Its simplicity is a huge security feature. Provided you don't need some of those features.

I'm not saying this as an OpenBSD hater or anything, I run OpenBSD on at least one machine.

acje | 11 months ago
I find it inspiring that we are getting to where we are dealing with models that classify vulnerabilities at a systems level. However I also think we are kind of barking up the wrong tree. There is IMHO something wrong with the current strategy of scaling up the von Neumann architecture. It leads to fragile software partitioning, noisy neighbors and both slow and sometimes unintended communication through shared memory. I've tried to lay this out in detail here https://lnkd.in/dRNSYPWC

transpute | 11 months ago
Have you looked at Barrelfish (2011) from Microsoft Research and ETH Zurich?

https://www.microsoft.com/en-us/research/blog/barrelfish-exp...

> “In the next five to 10 years,” Barham predicts, “there are going to be many varieties of multicore machines. There are going to be a small number of each type of machine, and you won’t be able to afford to spend two years rewriting an operating system to work on each new machine that comes out. Trying to write the OS so it can be installed on a completely new computer it’s never seen before, measure things, and think about the best way to optimize itself on this computer—that’s quite a different approach to making an operating system for a single, specific multiprocessor.” The problem, the researchers say, stems from the use of a shared-memory kernel with data structures protected by locks. The Barrelfish project opts instead for a distributed system in which each unit communicates explicitly.

Public development stopped in March 2020, https://github.com/BarrelfishOS/barrelfish & https://barrelfish.org

simonask | 11 months ago
I think your take is interesting, but your article does not go into details with ideas about how to address these problems at the architectural level. Would you like to elaborate?

chenhoey1211 | 11 months ago
Really solid conceptual map — not just for kernel devs, but also useful if you're working in Rust, Zig, or any low-level system code.

Has anyone come across a similar visual breakdown for Wasm runtimes, especially around sandboxing and isolation models?

Sponge5 | 11 months ago
> This map describes kernel security hardening. It doesn't cover cutting attack surface.

For those wondering why SECCOMP is omitted.

hart_russell | 11 months ago
Do these settings persist if I update the kernel on my Ubuntu server?