MINIX and L4 are certainly not the most relevant applications out there. Let’s not forget other devices with microkernel firmware for example, there’s L4-kernel-family-based systems, including Qualcomm modems and automotive systems based on OKL4, whose popularity peaked in 2012. Modern vehicle firmware interface proposed in 2017 Its more modern version, QNX Neutrino, worked in BlackBerry smartphones and in Cisco routers and is now to be found in firmware of hundreds of millions of motor vehicles. This OS came about in 1980s in critical industrial machines, later being used in naval radar stations. One of the oldest microkernel architecture implementations in the mobile market is QNX. However, again, if we probe deeper, microkernel OSs are no less common in that market, although they remain in the background. There’s a similar picture in the mobile, portable and embedded devices market. Today it’s present in all desktops and laptops equipped with Intel CPUs, which makes two thirds of the х86 CPU market. It’s the OS that comes with Intel ME 11 firmware. There, the most widespread operating system is MINIX, based on microkernel architecture. But very few users ever think of what’s going on a notch deeper: at the microchip and microcontroller firmware level. Indeed, its share of the global OS market is 72% - if counted by the number of computers with Windows onboard. If you ask desktop computer users to name the most popular operating system they know of, you’re sure to hear Windows as the answer. Microkernel OSs’ popularity outstripping that of Windows and Android In microkernel architecture, the kernel contains several times less code than kernel of a traditional system, and performs only strictly necessary functions - which makes it more reliable and fault-tolerant. To avoid such problems, a number of vendors have in recent years turned toward microkernel-based operating systems. The latter example shows that IoT security gaps can originate at the system design level. Moreover, it was found that it was impossible to update the firmware with a security patch - the vulnerability could only be patched in new locks that are free of the mentioned design flaw. These made it fairly easy for attackers to intercept and decrypt the locks’ passwords. In addition to key generation process flaws, researchers discovered some fundamental design problems. The vulnerability was promptly closed, but what are the guarantees that a similar trick can’t be pulled off using other IoT security loopholes?Īnother example - a situation involving a Korean KeyWe smart-locks vulnerability - looks even worse. From there, they penetrated the local network. They succeeded in loading tweaked firmware into a smart lightbulb and using it to install malware on a device controlling the illumination system. And although vendors try not to emphasize it, the IoT security problem gets more and more relevant - especially for ecosystems of several connected devices.įor example, back in 2020, Check Point researchers experimented with an attack on a network through a smart lightbulb. At the same time, internet-of-things (IoT) devices are becoming targets in a growing number of attacks. These are all devices users are accustomed to trusting with their sensitive data but are not quite able to control the security of. It also covers smart ATMs, POS terminals, video surveillance cameras and the like. This statistic includes a multitude of household systems and accessories: smart watches, fitness bands, speakers with intellectual voice assistants, and all the devices they control. By 2030, the number of connected devices in the world is expected to reach 24 billion.
0 Comments
Leave a Reply. |