Re: Year 2038 time set problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Mar 04, 2018 at 10:14:58PM -0500, Ruben Safir wrote:
> Advice?  Who am I to give advice?  On the face of it, I would say they
> need to harden the kernel base release.  But I am not qualified to give
> anyone advice.  If a kernel can't be reasonably secure in a 2 year
> period, as a consumer I can only be unhappy about it and a bit dismayed.

Be dismayed, the state of computer security is not there yet, sorry, and
it's doubtful that it ever will be (although it keeps getting better...)

But seriously, if you have a system that is exposed to the world, you
have to change it all the time as the world changes.  You don't live in
a bubble of a stable ecosystem, no one does.

Ok, yes, there are some systems that do.  Take for example two of my
most favorite examples of the use of Linux:
	- ballast stabilizer for super-mega-yachts
	- automatic cow milking machines

The first one does not interact with the world in a manner that it needs
to be updated regularly, if ever, as communication from it to the kernel
comes in through a known "good" channel (i.e. the on-board ship network
which had better be firewalled from the world...)  Same for the second
one.

Both of them interact with the physical world very directly (some might
say more directly than your laptop or phone), but both do not interact
with the digital world much, if at all.  And that's the key here.

Just keep your systems updated, it's really simple.  If you can't do
that, then prepare to have those systems be full of known security
issues very very quickly.

As someone said at a conference recently when they asked the audience
about the longest uptime for any of the attendees systems (which turned
out to be about 5 years.), "How many security issues were those systems
vulnerable to over that period of time?  All of them."

good luck!

greg k-h

_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies



[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]

  Powered by Linux