Friday, May 5, 2023

Security behind the scenes

If you're not a tech nerd like me you might want to skip this post, but there's a significant move being made to make the base operating system more secure by rewriting it in the Rust programming language.  Unlike most other languages, Rust is memory-safe.  What this means is that we don't think that buffer overflow attacks will work against key OS components like sudo and su.

Buffer overflow attacks have been around for 30 years - Smashing The Stack For Fun And Profit goes all the way back to Phrack 49 in 1996.  Buffer overflow attacks allow a Bad Guy to execute arbitrary code under the privilege of the attacked program - for OS binaries and drivers, this is root or System or something that you really, really don't want to happen.

Also, Microsoft is also implementing this for some of their OS drivers.

In layman's terms, this is replacing a 50 year old rusty road bridge with a brand new one that is up to modern safety standards.  This kind of work isn't sexy but it's very important to the industry.  Well done, everybody!

3 comments:

  1. Learning this "Rust" thing has been on my to-do list for a while. I should see to what extent it can really displace my usual mixture of C and assembly, for low-level embedded stuff - and also whether it integrates nicely with legacy code.

    ReplyDelete
  2. I am not a deep into it programmer but I like to look at computer languages. I installed Rust on a Linux machine. I then did the example "Hello World" program. When it compiled, it was 12 MB. That was with no optimizations of the compilation process. Still, wow!

    ReplyDelete
  3. 12 MB for hello, world? Eek!
    That reminds me of the time I tried to figure out just what support functions were required for C++ (I was pondering using a sane subset of the language for some embedded work). The null program dragged in a huge amount of stuff, and it wasn't at all clear how much was actually needed nor what most of it did. (I specifically didn't do hello, world; I didn't want to drag in stdio and all that.)
    Since the intended target MCU for that project only had 256K of program memory, I quickly abandoned the idea.

    ReplyDelete

Remember your manners when you post. Anonymous comments are not allowed because of the plague of spam comments.