Originally posted by mangeek
Redox OS Ends 2024 On A High Note With Dynamic Linking Progress, ifconfig Port
Originally posted by rafanelli
Just when I learned to use `ip -c a`, `ifconfig` makes a comeback!
Originally posted by Jabberwocky
How does one protect against side channel hardware attacks on microkernels, like Spectre and others? Honest question. I've done some searches before writing this question but didn't find anything that answers my question properly.
Personally I am super excited to see where RedoxOS goes and would also really like to know if there are any "intrinsic" security benefits to microkernels and this class of attacks.
Originally posted by Jabberwocky
How does one protect against side channel hardware attacks on microkernels, like Spectre and others?
I would assume that in a microkernel, the kernel could still have those flushes programmed in, but instead of just the kernel, the 'servers' providing some of the core services typically found in monolithic kernels might also need to have those workarounds in them.
But imagine how that might be better! Maybe you have a bunch of apps that you don't worry about side-channel attacks with because you're not running in an environment where they're a risk, or they are trusted apps. For those, you might point them at different 'servers' that don't have the slower workarounds built in, and only apps that we worry about side-channel attacks on need to use the slower servers with the workarounds!
Originally posted by zexelon
Most likely with a TON of research. Microkernels are very uncommon in the wild and I doubt any major security researcher has touched one yet. If you want to make a fringe group name for yourself, studying this with the likes of RedoxOS and putting out a paper would probably put your name at the forefront of security in this niche.
Personally I am super excited to see where RedoxOS goes and would also really like to know if there are any "intrinsic" security benefits to microkernels and this class of attacks.
But I doubt there has been much research into Spectre etc. for these. They are much less accessible to people not working in the field, they don't tend to run untrusted code (no web browsers), and for microcontrollers the CPUs tend to be simpler and may not even do speculative execution (just some very simple in-order super-scalar things).
Vorpal, yes, this is a fair point. QNX is probably one of the most common OSs out there outside of desktop/mobile operating systems given its usage in automotive, where it has been proven to have some major security issues... but those were not side channel attacks in any way. Most of them were simply asking the TPS sensor to give you access to the whole car while saying please.
I think the other major one is the L4 kernel.