Linked by Thom Holwerda on Mon 21st Nov 2016 15:44 UTC, submitted by jcarrascal
OSNews, Generic OSes

Kaspersky Labs has developed its own operating system for switches and other networking devices.

First, it's based on microkernel architecture, which allows to assemble 'from blocks' different modifications of the operating system depending on a customer's specific requirements.

Second, there's its built-in security system, which controls the behavior of applications and the OS's modules. In order to hack this platform a cyber-baddie would need to break the digital signature, which - any time before the introduction of quantum computers - would be exorbitantly expensive.

Third, everything has been built from scratch. Anticipating your questions: not even the slightest smell of Linux. All the popular operating systems aren't designed with security in mind, so it's simpler and safer to start from the ground up and do everything correctly. Which is just what we did.

More details will follow soon, the company promises.

Order by: Score:
Written from scratch?
by teco.sb on Mon 21st Nov 2016 16:00 UTC
teco.sb
Member since:
2014-05-08

I don't understand why they needed to write this new micro-kernel from scratch. There already is seL4 (https://sel4.systems/) out there. Or are they saying their implementation is more secure than seL4? If so, where is the proof? Because seL4 can provide "proof of implementation correctness and security enforcement". How does this compare? And why should we trust it over something else?

To me, whenever I hear/read "written from scratch" I think of all the new unknown bugs that a new code-base will come with.

By the way, I'm not hating on their kernel, I'm just highly skeptical they can provide what they are advertising. After all, "extraordinary claims require extraordinary proof."

Reply Score: 9

RE: Written from scratch?
by ddc_ on Mon 21st Nov 2016 17:00 UTC in reply to "Written from scratch?"
ddc_ Member since:
2006-12-05

I read "written from scratch" as "free from NSA exploits". I am not really sure it is the case though. Anyway, there is no source code attached, so basically there is no way to tell whether this OS is an improvement over microkernels that are around.

Edited 2016-11-21 17:00 UTC

Reply Score: 4

RE[2]: Written from scratch?
by Athlander on Mon 21st Nov 2016 17:10 UTC in reply to "RE: Written from scratch?"
Athlander Member since:
2008-03-10

Instead of NSA and Chinese exploits, new and improved Russian exploits!

Reply Score: 10

RE[3]: Written from scratch?
by WorknMan on Mon 21st Nov 2016 18:38 UTC in reply to "RE[2]: Written from scratch?"
WorknMan Member since:
2005-11-13

Instead of NSA and Chinese exploits, new and improved Russian exploits!


Exactly. Running an OS on your router that came from Russia seems like the worst idea in the history of bad ideas.

Reply Score: 4

RE[4]: Written from scratch?
by unclefester on Tue 22nd Nov 2016 00:24 UTC in reply to "RE[3]: Written from scratch?"
unclefester Member since:
2007-01-13

"Instead of NSA and Chinese exploits, new and improved Russian exploits!


Exactly. Running an OS on your router that came from Russia seems like the worst idea in the history of bad ideas.
"

Russia is only a 3/10 on the evil scale. China and Saudi Arabia are the countries to worry about.

Reply Score: 2

RE[4]: Written from scratch?
by allanregistos on Wed 23rd Nov 2016 01:46 UTC in reply to "RE[3]: Written from scratch?"
allanregistos Member since:
2011-02-10

"Instead of NSA and Chinese exploits, new and improved Russian exploits!


Exactly. Running an OS on your router that came from Russia seems like the worst idea in the history of bad ideas.
"
If you are in the USA and you need switches of course, you need a secure operating system built for the US and in the US. You should also source hardware that is made in the US, not ODMs from Taiwan/China. You should not power your switches with Chinese/Russian technology unless you have determined that the source/code and build tools are free from bugs/malware. This is a must if you work in the military industrial complexes.

Reply Score: 2

RE[2]: Written from scratch?
by Bill Shooter of Bul on Tue 22nd Nov 2016 07:23 UTC in reply to "RE: Written from scratch?"
Bill Shooter of Bul Member since:
2006-07-14

why would anyone just assume its NSA compromise free? Because it comes from another country? Ok, I guess it would be impossible for a spy agency to have a spy located in another country. Good proof. 10/10 would hire as security consultant for all the monies.

Reply Score: 2

RE[3]: Written from scratch?
by CaptainN- on Tue 22nd Nov 2016 20:19 UTC in reply to "RE[2]: Written from scratch?"
CaptainN- Member since:
2005-07-07

Exactly! So many exploits can be added at the tooling level even without spies being in the country! This is the main reason software without appropriate need for validation* cannot be trusted - even when you have access to alleged source code.

* Banking software on ATMs can and will be independently validated on both sides. E-Voting machines will not - actually cannot be validated, which makes them a horrible nightmare for accountability.

Reply Score: 2

RE[3]: Written from scratch?
by ddc_ on Wed 23rd Nov 2016 12:45 UTC in reply to "RE[2]: Written from scratch?"
ddc_ Member since:
2006-12-05

why would anyone just assume its NSA compromise free? Because it comes from another country? Ok, I guess it would be impossible for a spy agency to have a spy located in another country. Good proof. 10/10 would hire as security consultant for all the monies.

It would probably be more cost-effective to bribe someone then to maintain a spy. And that is only if there is no some secret information sharing arrangement between "security" agencies, in which case the full pack of spyware and exploits will be there free-of-charge, simply enforced by state.

Reply Score: 2

Trying new things
by FortranMan on Mon 21st Nov 2016 17:55 UTC
FortranMan
Member since:
2011-12-21

New code is not always better than old code, and new ideas are not always better than old ideas. It is nice, though, to see a fresh attempt at solving some of the currently-known problems in operating system design.

Perhaps they have solved some of the security troubles at the expense of performance, and certainly they will discover all-new ways to cause problems. I look forward to seeing how this pans out.

Reply Score: 2

michael@uw-pc.com
by michaelz on Mon 21st Nov 2016 19:49 UTC
michaelz
Member since:
2007-03-23
RE: michael@uw-pc.com
by jal_ on Tue 22nd Nov 2016 11:02 UTC in reply to "michael@uw-pc.com"
jal_ Member since:
2006-11-02

Not really, it's more of an extension.

Reply Score: 2

Anti-Competitive
by RobG on Wed 23rd Nov 2016 13:45 UTC
RobG
Member since:
2012-10-17

Is this the same Kaspersky who are busy trying to get MS sued for being anti-competitive, by providing free AV with their O/S?

Pot calling the kettle black?

Reply Score: 2