GrSecurity: The Truth About Linux 4.6 [Security]
The lead maintainer of GrSecurity, Brad Spengler, that is a set of patches to the Linux kernel for providing security enhancements has written an opinion piece about the Linux 4.6 kernel security.
Brad's "the truth about Linux 4.6" seems to be in response to a Linux Foundation Linux.com article which he calls, "the Linux Foundation is already beginning a campaign to rewrite history and mislead Linux users. Their latest PR release...which I encourage you to read so you can see the spin and misleading (and just plain factually incorrect) information presented."
Brad went on to explain, "The real 'hard truth' about Linux kernel security is that there's no such thing as a free lunch. Keeping up to date on the latest upstream kernel will generally net all the bug fixes that have been created thus far, but with it of course brings completely new features, new code, new bugs, and new attack surface. The majority of vulnerabilities in the Linux kernel are ones that have been released just recently, something any honest person active in kernel development can attest to...So the real 'hard truth' is that Linux is just now starting to play catch-up in the game of kernel self-protection that we've been playing for 13 years."
Those wishing to read the rest of Spengler's opinion piece can find "The Truth About Linux 4.6" via the GrSecurity.net Forums.
Brad's "the truth about Linux 4.6" seems to be in response to a Linux Foundation Linux.com article which he calls, "the Linux Foundation is already beginning a campaign to rewrite history and mislead Linux users. Their latest PR release...which I encourage you to read so you can see the spin and misleading (and just plain factually incorrect) information presented."
Brad went on to explain, "The real 'hard truth' about Linux kernel security is that there's no such thing as a free lunch. Keeping up to date on the latest upstream kernel will generally net all the bug fixes that have been created thus far, but with it of course brings completely new features, new code, new bugs, and new attack surface. The majority of vulnerabilities in the Linux kernel are ones that have been released just recently, something any honest person active in kernel development can attest to...So the real 'hard truth' is that Linux is just now starting to play catch-up in the game of kernel self-protection that we've been playing for 13 years."
Those wishing to read the rest of Spengler's opinion piece can find "The Truth About Linux 4.6" via the GrSecurity.net Forums.
46 Comments