Ubuntu Core Snaps door shut on Linux's new Dirty COWs

When did Linux start becoming like Windows?


Canonical has released Ubuntu Core 16 for IoT, featuring Linux self-patching for a generation of users against future Bash or Dirty COWs.

Ubuntu Core 16 features Snaps, a zip file concept Canonical says will streamline IoT device updates protecting against hackers and data loss. Snaps shipped in Ubuntu 16.10 but Ubuntu Core is the 70Mb edition for devices.

Alas, this won't work on existing devices running Linux – just new ones.

It comes as Linux reels from the unearthing of the latest hidden code bomb to have put users at risk.

Dirty COW has surfaced after nine years in Linux, since kernel 2.6.22, permitting malicious code access to Linux systems including Android smart phones.

Before that, the headline grabber was Shellshock, which exploited a decades-old vulnerability that attacked the program used to execute command lines and scripts in Unix-based systems.

Mark Shuttleworth, Canonical founder and Ubuntu daddy, told The Reg: "We always saw Windows as the vulnerable platform but now old Linux devices are seen as the real vulnerability."

Snaps targets IoT from items like cameras to network routers.

They contain code from the Linux kernel maker, Canonical for the Ubuntu distro, and the device maker and ISVs whose code might be resident onboard.

Canonical will aggregate updates in Snaps with code downloaded to a device.

The idea is that should another Bash or Dirty COW-style or other vulnerability be discovered, an update can be pushed down via Ubuntu Core 16’s Snaps.

Shuttleworth claimed a surge of interest from "brands". Initial backers are IBM, Dell, Intel, Linaro and Open Source Robotics Foundation. Dell had beta Ubuntu Core 16 on its Dell Edge Gateways.

Endorsements are expected from other consumer electronics makers, Shuttleworth said. He pointed to the case of ASUS, brought to book by the US Federal Trade Commission in 2016 over a vulnerability discovered in its AiCloud service in 2015 that exposed personal details of 12,900 consumers connected to the internet via its routers.

ASUS agreed to establish and maintain a comprehensive security program subject to independent audits for 20 years.

"Everybody feels this pain, nobody wants a device with their brand on where they can't deliver an update or if they do, nobody updates it," Shuttleworth added. "Everybody is moving to a view they are responsible for anything they have sold." ®

Similar topics


Other stories you might like

  • OpenID-based security features added to GitHub Actions as usage doubles

    Single-use tokens and reusable workflows explained at Universe event

    GitHub Universe GitHub Actions have new security based on OpenID, along with the ability to create reusable workflows, while usage has nearly doubled year on year, according to presentations at the Universe event.

    The Actions service was previewed three years ago at Universe 2018, and made generally available a year later. It was a huge feature, building automation into the GitHub platform for the first time (though rival GitLab already offered DevOps automation).

    It require compute resources, called runners, which can be GitHub-hosted or self-hosted. Actions are commands that execute on runners. Jobs are a sequence of steps that can be Actions or shell commands. Workflows are a set of jobs which can run in parallel or sequentially, with dependencies. For example, that deployment cannot take place unless build and test is successful. Actions make it relatively easy to set up continuous integration or continuous delivery, particularly since they are cloud-hosted and even a free plan offers 2,000 automation minutes per month, and more than that for public repositories.

    Continue reading
  • REvil gang member identified living luxury lifestyle in Russia, says German media

    Die Zeit: He's got a Beemer, a Bitcoin watch and a swimming pool

    German news outlets claim to have identified a member of the infamous REvil ransomware gang – who reportedly lives the life of Riley off his ill-gotten gains.

    The gang member, nicknamed Nikolay K by Die Zeit newspaper and the Bayerische Rundfunk radio station, reportedly owns a €70,000 watch with a Bitcoin address engraved on its face and rents yachts for €1,300 a day whenever he goes on holiday.

    "He seems to prefer T-shirts from Gucci, luxurious BMW sportscars and large sunglasses," reported Die Zeit, which partly identified him through social media videos posted by his wife.

    Continue reading
  • A Windows 11 tsunami? No, more of a ripple as Microsoft's latest OS hits 5% PC market

    Next version of Windows 10 looms around the corner

    Microsoft's Windows 11 OS has notched up a respectable near 5 per cent of PCs surveyed by AdDuplex, as another Dev Channel build was unleashed with new features for the favoured few.

    With less than a month of General Availability under its belt, Windows 11 now accounts for 4.8 per cent of "modern" PCs (Windows Insiders running the OS account for 0.3 per cent) according to the ad platform. The figure is up from the 1.3 per cent in September, which was Insider-only and points to some migration to the production version of the software.

    The figure is both an indicator of Microsoft's cautious approach to releasing its wares and the limited amount of hardware that can actually run the round-cornered OS.

    Continue reading

Biting the hand that feeds IT © 1998–2021