Paper is intended to highlight an "open secret" in the Linux
community: that the vendor kernel model is broken and cannot be
fixed, and that an upstream stable kernel provides much greater
protection from security vulnerabilities.
RENO,
Nev., May 16, 2024 /PRNewswire-PRWeb/ -- CIQ,
the company leading the next generation of software infrastructure
for enterprises, has published a white paper titled, "Vendor
Kernels, Bugs and Stability." The paper is intended to put numbers
around an open secret in the Linux community, specifically, that
vendor kernels are inherently insecure and that the current
engineering process makes securing those kernels impossible.
Instead, the paper advocates, consuming upstream stable kernels
affords much greater protection from security vulnerabilities that
are routinely back ported in error into vendor kernels.
We believe that the only realistic way for
a customer to know they run a kernel that is as secure as possible
is to switch to a stable kernel branch.
The paper's authors maintain that "this creates a strong
incentive" for customers that are concerned with security and
ensuring that their systems are secure to subscribe to and use a
stable kernel instead of a vendor kernel. "We believe that the only
realistic way for a customer to know they run a kernel that is as
secure as possible is to switch to a stable kernel branch."
The paper lists four conclusions:
- The vendor kernel model is broken. It can not be fixed.
- A vendor kernel is an insecure kernel. A late cycle stabilized
vendor kernel is doubly so.
- There are just too many known open bugs. It is not feasible to
analyze or classify them all.
- An upstream stable kernel provides much greater protection from
security vulnerabilities and general bugs in the kernel code.
The white paper is free and open for download at:
https://ciq.com/whitepaper/vendor-kernels-bugs-stability/
About CIQ
CIQ builds secure, reliable and performant software infrastructure
solutions at scale, with dedicated world-class services for a range
of performance intensive computing and enterprise technologies.
From the base operating system, through containers, orchestration,
provisioning, high-end computing and cloud applications, CIQ works
with every part of the technology stack enabling organizations to
focus on their core competencies, driving business-transforming
innovation. CIQ is the founding support and services partner of
Rocky Linux and the creator of the next generation federated
computing stack. For more information, please visit ciq.com.
Media Contact
Cristin Connelly, Cathey
Communications, 4049316752, cristin@cathey.co,
www.cathey.co
View original content to download
multimedia:https://www.prweb.com/releases/media-advisory-ciq-white-paper-quantifies-volume-of-back-ported-bugs-in-stable-branches-of-popular-linux-builds-302148417.html
SOURCE Cathey Communications