[Cryptography] Use Linux for its security
Theodore Ts'o
tytso at mit.edu
Thu Sep 29 22:41:19 EDT 2016
On Thu, Sep 29, 2016 at 02:30:06PM +0000, Jason Cooper wrote:
>
> Please don't mindlessly pile on after a poorly researched,
> sensationalist article. :-(
>
> Kees (the speaker giving the referenced talk) is leading the Kernel
> Self-Protection Project. He's not saying "Linux sucks" as the headline
> implies, he's clearly defining the problem in order to justify the
> project's purpose.
Indeed, Kees made a very similar presentation at the Kernel Summit
last year[1] and it was quite well received; no one argued with his
premise and everyone was very glad that he was proposing spearheading
this effort. He got a large number of kernel engineers who were
willing to work with him --- and kudos to their employers for letting
them work on it. (Especially Google, who has let Kees spend a lot of
time on this.)
After his presentation, the kernel-hardening mailing list was revived,
and new features to add additional hardening to the kernel has been
rolling into Linux for the last couple of releases.
There are engineers from multiple vendors collaborating on this
project, including Google, Red Hat, Intel, and others. They have have
been using the kernel-hardening list for traffic control and for an
initial review of the patches before sending them out for wider review
and inclusion. The progress section of this LWN article[3] shows that
they've been quite successful so far --- or perhaps, it would be more
accurate to say they've made a good start.
[1] https://lwn.net/Articles/662219/
[2] http://www.openwall.com/lists/kernel-hardening/
[3] https://lwn.net/Articles/698827/
> Not that you could gather that from the article. :-/
Yeah, these days I assume most web articles are click bait until
proven otherwise. :-/
- Ted
More information about the cryptography
mailing list