Submitted by Kaspersky Labs has developed its own operating system for switches and other networking devices.
First, it’s based on microkernel architecture, which allows to assemble ‘from blocks’ different modifications of the operating system depending on a customer’s specific requirements.
Second, there’s its built-in security system, which controls the behavior of applications and the OS’s modules. In order to hack this platform a cyber-baddie would need to break the digital signature, which – any time before the introduction of quantum computers – would be exorbitantly expensive.
Third, everything has been built from scratch. Anticipating your questions: not even the slightest smell of Linux. All the popular operating systems aren’t designed with security in mind, so it’s simpler and safer to start from the ground up and do everything correctly. Which is just what we did.
More details will follow soon, the company promises.
I don’t understand why they needed to write this new micro-kernel from scratch. There already is seL4 (https://sel4.systems/) out there. Or are they saying their implementation is more secure than seL4? If so, where is the proof? Because seL4 can provide “proof of implementation correctness and security enforcement”. How does this compare? And why should we trust it over something else?
To me, whenever I hear/read “written from scratch” I think of all the new unknown bugs that a new code-base will come with.
By the way, I’m not hating on their kernel, I’m just highly skeptical they can provide what they are advertising. After all, “extraordinary claims require extraordinary proof.”
I read “written from scratch” as “free from NSA exploits”. I am not really sure it is the case though. Anyway, there is no source code attached, so basically there is no way to tell whether this OS is an improvement over microkernels that are around.
Edited 2016-11-21 17:00 UTC
Instead of NSA and Chinese exploits, new and improved Russian exploits!
Exactly. Running an OS on your router that came from Russia seems like the worst idea in the history of bad ideas.
Russia is only a 3/10 on the evil scale. China and Saudi Arabia are the countries to worry about.
If you are in the USA and you need switches of course, you need a secure operating system built for the US and in the US. You should also source hardware that is made in the US, not ODMs from Taiwan/China. You should not power your switches with Chinese/Russian technology unless you have determined that the source/code and build tools are free from bugs/malware. This is a must if you work in the military industrial complexes.
why would anyone just assume its NSA compromise free? Because it comes from another country? Ok, I guess it would be impossible for a spy agency to have a spy located in another country. Good proof. 10/10 would hire as security consultant for all the monies.
Exactly! So many exploits can be added at the tooling level even without spies being in the country! This is the main reason software without appropriate need for validation* cannot be trusted – even when you have access to alleged source code.
* Banking software on ATMs can and will be independently validated on both sides. E-Voting machines will not – actually cannot be validated, which makes them a horrible nightmare for accountability.
It would probably be more cost-effective to bribe someone then to maintain a spy. And that is only if there is no some secret information sharing arrangement between “security” agencies, in which case the full pack of spyware and exploits will be there free-of-charge, simply enforced by state.
New code is not always better than old code, and new ideas are not always better than old ideas. It is nice, though, to see a fresh attempt at solving some of the currently-known problems in operating system design.
Perhaps they have solved some of the security troubles at the expense of performance, and certainly they will discover all-new ways to cause problems. I look forward to seeing how this pans out.
Repost; http://www.osnews.com/story/29367/Kaspersky_launches_KasperskyOS
Not really, it’s more of an extension.
Is this the same Kaspersky who are busy trying to get MS sued for being anti-competitive, by providing free AV with their O/S?
Pot calling the kettle black?