Just what the world needs, another Linux distro. But does the fact it came from a top anti-malware vendor give it a competitive edge in the quest for security?
Eugene Kaspersky, CEO of the antivirus company that bears his name, took to his blog to announce KasperskyOS, a project that has been in the works for 14 years. Talk about slow development time. KasperskyOS is available for both x86 and ARM processors. It takes concepts from the Flux Advanced Security Kernel (FLASK) architecture, which was used in SELinux and SEBSD, but builds a new OS from scratch with security in mind, enabling what he calls “global Default Deny at the process level.”
KasperskyOS puts the Default Deny instruction, which basically says to block everything and allow only what the admin specifies to run, in the core OS. This means apps can execute only if they are approved by the OS. Everything else is forbidden.
Kaspersky explained that the kernel does not transmit anything anywhere. If the policies contain no instructions to send data, the system doesn’t do it. The microkernel has practically nothing in it. All drivers are kept isolated. So, to pass any data, one has to write another piece of code, which the OS will see. All of this is written in security policies.
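A minimal model of the default-deny idea described above, with the policy decision kept separate from enforcement as in the FLASK architecture. This is an added example, not KasperskyOS code or its policy language; `Rule`, `SecurityServer`, `Kernel`, the component names and the policy are all constructed for illustration.

```python
# Added illustration: toy default-deny reference monitor for messages between
# isolated components. Names and policy are constructed, not from KasperskyOS.
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    src: str     # sending component
    dst: str     # receiving component
    method: str  # IPC method being invoked

@dataclass
class SecurityServer:
    """Holds the policy and decides. Anything not listed is denied."""
    allow: frozenset

    def decide(self, src, dst, method):
        return Rule(src, dst, method) in self.allow

@dataclass
class Kernel:
    """Enforces: components can only reach each other through send()."""
    policy: SecurityServer
    components: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def spawn(self, name, handler):
        self.components[name] = handler

    def send(self, src, dst, method, payload):
        ok = dst in self.components and self.policy.decide(src, dst, method)
        self.audit.append((src, dst, method, "ALLOW" if ok else "DENY"))
        if not ok:
            raise PermissionError(f"{src} -> {dst}.{method} denied by policy")
        return self.components[dst](method, payload)

# Constructed policy: the sensor driver may log, and only the logger may transmit.
POLICY = SecurityServer(frozenset({
    Rule("sensor_driver", "logger", "append"),
    Rule("logger", "net_driver", "transmit"),
}))

def build():
    k = Kernel(POLICY)
    k.spawn("sensor_driver", lambda method, payload: None)
    k.spawn("logger", lambda method, payload: f"logged:{payload}")
    k.spawn("net_driver", lambda method, payload: f"sent:{payload}")
    return k
```

A driver that tries to reach the network directly is refused and the attempt lands in the audit list, because no rule names that path.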
All told, Kaspersky created three products based on where they would be used: the OS (KasperskyOS), a standalone secure hypervisor (KSH), and a system used for secure interaction between OS components (KSS).
Kaspersky said they enabled custom applications in the hypervisor, which he acknowledged could lead to insecure customization on a secure OS. But the OS can control its interactions with hardware, other customizations, and the outside world.
“With such a configuration, escape from the sandbox is highly unlikely,” he wrote in his blog.
Kaspersky said this package is a “project offering,” not a boxed product, which means pricing will vary according to customers' needs and the extent to which they apply the capabilities of KasperskyOS. He is targeting IoT, telecommunication equipment, connected cars, and industrial control systems as potential markets.
