It has become apparent that Internet of Things devices need a major security upgrade. Most of these changes need to be made at the software level, including the operating systems being used. Canonical announced Ubuntu Core 16, which focuses on providing additional security for IoT devices. Additionally, the new version will improve the validation of snap apps.
Bigger Focus on IoT Security is Direly Needed
One of the most significant changes to be found in Ubuntu Core 16 is how failed software updates will be handled. In most cases, the OS would continually try to update to the latest version if the process failed for some unknown reason. That will be a thing of the past in Ubuntu Core 16, as failed updates will result in a rollback to a previously correct state.
Speaking of updates, security updates are the primary focus for Ubuntu Core 16. The developers’ new approach to validating snap-updates should make it easier to deploy smaller security fixes on a large scale. The authenticity of these upgrades can be verified based on fingerprint scans and digital signatures. All of the devices running this new version of Ubuntu Core will automatically receive regular and reliable free security updates.
Despite the open source nature of Linux as an operating system, it is virtually impossible to address all security flaws at the same time. Given the recent vulnerabilities, such as Dirty COW, it has become apparent that there is still a lot of work to be done. As these vulnerabilities will impact the devices running Ubuntu Core, most of which are IoT devices, a better solution needs to be found. This is why these snap-updates are such a high priority right now.
Having such a major operating system supporting IoT devices is a big step in the right direction.Vulnerable devices can be turned into major botnets, which can then execute attacks such as the DynDNS DDoS wave. Having regular security updates on the OS level is invaluable for the future of the Internet of Things.
At the same time, this does not mean that all of the vulnerabilities plaguing IoT devices will go away automatically. Hardware manufacturers still have their work cut out for them as well. First of all, they need to remove the possibility of using the default login and password, and force users to reset these details when first setting up the devices.
Whether or not this “snap” approach is the right one remains to be seen. The Linux community is somewhat divided on this front, as it is not unlikely that Snap developers will no longer support their project in the future. Then again, there is the advantage of having an option of the Ubuntu system core through the Linux servers. This is a positive development overall, and hopefully a sign of things to come for IoT devices.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.