In an exhaustive study of critical Linux vulnerabilities, a team of academic and government-backed researchers claim to have proven that almost all flaws could be mitigated to less than critical severity – and that 40 percent could be completely eliminated – with an OS design based on a verified microkernel.
“The security benefits of keeping a system’s trusted computing base (TCB) small has long been accepted as a truism, as has the use of internal protection boundaries for limiting the damage caused by exploits,” wrote researchers from Data61, the Australian government’s Commonwealth Scientific and Industrial Research Organisation (CSIRO) and the University of New South Wales in Sydney, in a paper to be presented next week at APSys ’18.
Leave a reply