Friday, November 06, 2015

Washington Post examines growing concern for security of Linux kernel

The Washington Post has a huge front page story about the Linux kernel by Craig Timberg today (Friday, November 6, 2015), along with the strange history of its creation and author, Finnish software engineer Linus Torvalds, link here.
The unusual business model (or lack of model) for the way this product evolved as open source is quite remarkable.

There is a long discussion of the relative security of various operating systems, how Windows has been viewed as less secure and less stable even though it is the most versatile on personal computers.  (Some Apple fans will question my assessment of  “versatile”).  The Linux server (as opposed to Unix) has become rather standard for industrial and commercial servers.

So there is concern whether this introduces a strategic vulnerability to our entire infrastructure, especially the power grid.  Torvalds says, simply don’t connect the power grid directly to the Internet (which seems to be part of his answer to Ted Koppel’s book “Lights Out” which I’ll review soon).  He also indicates that his creation of the system was personal in nature and motive. Tordvalds also says,  If he had to worry about the theoretical possibility that someone will be mean enough to circumvent any possible security strategy, he could never get anything done.  I echo that sentiment.

I recall that a co-worker from the 1990s, Tom Oehser, created a version of Linux that fit on one floppy (popular at the time, in the days before USB drives).  It’s still available here.

 I tried it once when living in Minneapolis, maybe in 1999, with an old Everex laptop.  Tom believes in self-teaching, and once told me he ran an early Internet server back in 1994 from a 386 machine in his own home.

No comments: