Antivirus Firm Kaspersky Launches Its Own Hackproof OS, Based On Microkernel (fossbytes.com)

← Back to Stories (view on slashdot.org)

Antivirus Firm Kaspersky Launches Its Own Hackproof OS, Based On Microkernel (fossbytes.com)

Posted by BeauHD on Friday November 18, 2016 @09:40AM from the nothing-but-the-basics dept.

An anonymous reader quotes a report from Fossbytes: Kaspersky Lab, a Russian cybersecurity and antivirus company, has announced their new operating system which was in development for the last 14 years. Dubbed as Kaspersky OS, it has made its debut on a Kraftway Layer 3 Switch. Not many details have been revealed by the CEO Eugene Kaspersky in his blog post. The GUI-less OS -- as it appears in the image -- has been designed from scratch and Eugene said it doesn't have "even the slightest smell of Linux." He actually tagged "Kaspersky OS being non-Linux" as one of the three main distinctive features he mentioned. The other two features he briefly described are rather fascinating. The first feature is that the Kaspersky OS is based on microkernel architecture, which basically means using the minimum amount of ingredients to bake your own operating system. The OS can be custom-designed as per requirements by using different modification blocks. The second distinctive feature is the inbuilt security system which can control application behavior and OS modules. It touts Kaspersky OS as practically unhackable, unless a cyber-baddie has a quantum computer -- which will be required to crack the digital signature of the platform -- at his disposal.

54 of 108 comments (clear)

Min score:

Reason:

Sort:

Reports of it being hacked in 5...4...3... by Moheeheeko · 2016-11-18 09:42 · Score: 4, Insightful

Nothing is Hackproof, the internet always finds a way.
1. Re:Reports of it being hacked in 5...4...3... by Anonymous Coward · 2016-11-18 09:48 · Score: 1
  
  "Reports of it being hacked in 5...4...3..." (Score:2), 1st post.
  Well played sir
2. Re:Reports of it being hacked in 5...4...3... by The-Ixian · 2016-11-18 09:54 · Score: 1, Insightful
  
  Reports of MS claiming patent infringement of the kernel in 5....4...3...
  
  --
  My eyes reflect the stars and a smile lights up my face.
3. Re:Reports of it being hacked in 5...4...3... by skids · 2016-11-18 09:58 · Score: 1
  
  My money is on no cryptographic side-channel protection.
  
  --
  Someone had to do it.
4. Re:Reports of it being hacked in 5...4...3... by networkBoy · 2016-11-18 10:28 · Score: 1
  
  Granted, but I think that Kaspersky knows what to look for in designing a secure OS.
  I'd like to give them the benefit of the doubt that they've done a solid job building an embedded OS.
  That said, source would be nice to see...
  -nB
  
  --
  whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
5. Re:Reports of it being hacked in 5...4...3... by thinkwaitfast · 2016-11-18 10:32 · Score: 1
  
  Porting is relatively easy.
  I used to write ASPs and BSPs for new CPUs coming out. This was almost twenty years ago and fairly easy do do once you've done a few. If it's afairly standard processor, I could have something up in running usually in a day or so.
6. Re:Reports of it being hacked in 5...4...3... by Kjella · 2016-11-18 10:49 · Score: 1
  
  Reminds me of this one:
  
  Beware of bugs in the above code; I have only proved it correct, not tried it. -- Donald Knuth
  
  --
  Live today, because you never know what tomorrow brings
7. Re:Reports of it being hacked in 5...4...3... by Espectr0 · 2016-11-18 10:51 · Score: 1
  
  Take Denuvo for example, when the first videogame using this technology was hacked most people thought "game over", but aside from some exceptions, Denuvo is still winning the crack battle.
  Hacking an OS is "easier" in the sense that there are lots of more entries for a hacker to jump into, so let's see what happens. Of course if no one uses the OS, it will be harder as there is no interest.
  
  --
  Open Source Java Web Forum with LDAP authentication
8. Re:Reports of it being hacked in 5...4...3... by thePowerOfGrayskull · 2016-11-18 12:07 · Score: 1
  
  The original post from Kapersky doensn't make the unhackable claim.
  Then again, it doesn't miss the mark by much...
  
  . I also hope itâ(TM)s clear that itâ(TM)s better â" no matter how difficult â" to build IoT/infrastructure devices from the very beginning in such a way that hacking them is practically impossible
9. Re: Reports of it being hacked in 5...4...3... by Anonymous Coward · 2016-11-18 13:05 · Score: 1
  
  No, no one would hack an userless internet connected device. Or lots of them. Or use them to stage the largest DDoS attack yet on an internet performance management company.
10. Re:Reports of it being hacked in 5...4...3... by RuffMasterD · 2016-11-19 00:16 · Score: 1
  
  You’re going to have to forgive my ignorance. What do you mean by ASP and BSP? I googled both and found Active Server Pages (possible to write, but you would be nuts to write that for a new CPU), and Bank South Pacific (unlikely).
  
  --
  Human Rights, Article 12: Freedom from Interference with Privacy, Family, Home and Correspondence
11. Re:Reports of it being hacked in 5...4...3... by Lunix+Nutcase · 2016-11-19 04:21 · Score: 1
  
  BSP is a board support package.
How is it licensed? by subk · 2016-11-18 09:44 · Score: 5, Insightful

I don't see any mention of the source code being available, and if that turns out to be the case, I wouldn't touch this "secure OS" with a ten foot pole. Who says it's secure? They do? And I'm supposed to just believe it?

--
Now, if you'll excuse me, I have backups to corrupt.
1. Re:How is it licensed? by PRMan · 2016-11-18 09:52 · Score: 2
  
  Works for Microsoft...
  
  --
  Peter predicted that you would "deliberately forget" creation 2000 years ago...
2. Re:How is it licensed? by Anonymous Coward · 2016-11-18 20:07 · Score: 1
  
  People say that, but I wonder, have you actually pored over every line of code in Linux/BSD/Whatever and their application ecosystems, and do you actually have the competency to determine how secure it is? Shellshock was in the Bash source code for 25 years, can you trust open source to be secure?
3. Re:How is it licensed? by amiga3D · 2016-11-19 00:39 · Score: 2
  
  Maybe no one has poured over every line of code in the Linux kernel but then you don't know that either. For sure it can be looked at. This new OS can't be looked at. I guess it depends on your level of trust. I'd bet any amount of money that it'll be backdoored. You know it'll have bugs.
In Soviet Russia, OS hacks you! by slashdice · 2016-11-18 09:50 · Score: 1, Troll

+5 funny

--
Copyright (c) 1990 - 2014 Dice. All rights reserved. Use of this comment is subject to certain Terms and Conditions.
1. Re:In Soviet Russia, OS hacks you! by K.+S.+Kyosuke · 2016-11-18 11:44 · Score: 1
  
  apk's diatribe is funnier
  OK, let me bootstrap this by noting that this new OS probably doesn't feature any antiquated hosts file mechanism.
  
  --
  Ezekiel 23:20
Re:Reports coming in by Anonymous Coward · 2016-11-18 09:52 · Score: 1

Your buttfucking is intriguing to me and I wish to subscribe to your newsletter.
OpenBSD by pD-brane · 2016-11-18 09:54 · Score: 1

OpenBSD is secure, correct, microkernel-based and doesn't contain any parts of Linux. What is essentially different?
1. Re:OpenBSD by Anonymous Coward · 2016-11-18 09:57 · Score: 2, Informative
  
  OpenBSD is secure, correct, microkernel-based and doesn't contain any parts of Linux. What is essentially different?
  Uhh, no. OpenBSD is monolithic instead of microkernel, and may contain Linux parts, at least in the userland.
2. Re:OpenBSD by Anonymous Coward · 2016-11-18 10:02 · Score: 2, Funny
  
  Same shit. Different asshole.
3. Re:OpenBSD by ShanghaiBill · 2016-11-18 11:30 · Score: 1
  
  OpenBSD is secure, correct, microkernel-based
  OpenBSD is not microkernel based.
  Microkernel based: Mach, Hurd, QNX
  NOT microkernel based: Windows, Linux, FreeBSD, OpenBSD, NetBSD
  Sort of microkernelish in some ways, but not really: Mac OS
4. Re:OpenBSD by pD-brane · 2016-11-18 18:59 · Score: 1
  
  OpenBSD is not microkernel based.
  I stand corrected.
5. Re:OpenBSD by zixxt · 2016-11-19 12:48 · Score: 1
  
  Windows is Microkernel based as well.
  the WIndows NT kernel is about as much of a microkernel as Linux is.
  
  --
  ---- GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
Microkernel means something else by Chai+T.+Rex · 2016-11-18 09:55 · Score: 1

The first feature is that the Kaspersky OS is based on microkernel architecture, which basically means using the minimum amount of ingredients to bake your own operating system.
The rest of the operating system outside the microkernel will still need to include all the other desired operating system features missing from the microkernel. There are the same "amount of ingredients", they're just mostly implemented outside the kernel.
1. Re:Microkernel means something else by unixisc · 2016-11-18 10:30 · Score: 1
  
  It's been Windows 8, and now Windows 10. Note that the telemetry and other stuff is in user space in 10, so it's not like it can't be removed by Microsoft should they decide down the road to stop spying. But there is nothing inherently intrusive about a microkernel architecture: you could install Minix and run it perfectly safely, w/o communicating to unknown places.
2. Re:Microkernel means something else by RuffMasterD · 2016-11-19 00:14 · Score: 1
  
  AC used satire to highlight flawed logic. Why is this down-voted? Bad case of Whooooosh?
  
  --
  Human Rights, Article 12: Freedom from Interference with Privacy, Family, Home and Correspondence
Guys! by The-Ixian · 2016-11-18 10:00 · Score: 5, Funny

I was a skeptic until I read this:

First, it’s based on microkernel architecture
Ok... say no more... I am convinced!

Second, there’s its built-in security system
Woah.... slow down! Here's my money! TAKE IT!

Third, everything has been built from scratch
I am not sure how I continue to type this with and exploded head....

--
My eyes reflect the stars and a smile lights up my face.
QNX just called. by Anonymous Coward · 2016-11-18 10:14 · Score: 5, Informative

There is already an OS which is all of those things. Nothing is completely "unhackable" but I'd trust something which is as mature as QNX way way more than this new experimental crap.
1. Re:QNX just called. by Anonymous Coward · 2016-11-18 10:21 · Score: 5, Funny
  
  But this comes with a free trial of their anti-virus software.
2. Re:QNX just called. by Pseudonym · 2016-11-18 13:21 · Score: 2
  
  There is already an OS which is all of those things.
  Sounds good! I have a shiny new 64-bit CPU and I would like to run this QNX on it please!
  Oh, really? Never mind, then.
  
  --
  sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
3. Re:QNX just called. by Pseudonym · 2016-11-18 13:29 · Score: 2
  
  [...] awful design choices (synchronous messaging).
  QNX has asynchronous messaging now, but of course, the point was always that the kernel's synchronous messages were just building blocks. QNX has supported POSIX message queues for as long as I can remember, and it has also told you (though, yes, the documentation was crap) how to roll your own if that didn't suit your needs.
  
  --
  sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
4. Re:QNX just called. by WPsim · 2016-11-18 23:52 · Score: 1
  
  You're right about such an OS to exist already, you merely got its name wrong. It is called seL4.
  (Disclaimer: I had my fingers in that pie.)
5. Re:QNX just called. by amiga3D · 2016-11-19 00:40 · Score: 1
  
  Hell, Minix is open source.
Does this guy know what a microkernel is? by kamakazi · 2016-11-18 10:30 · Score: 5, Insightful

If you read TFA this guys says:
"The first feature is that the Kaspersky OS is based on microkernel architecture, which basically means using the minimum amount of ingredients to bake your own operating system. The OS can be custom-designed as per requirements by using different modification blocks. This is similar to what Cyanogen Inc. has implemented in the module-based form of Cyanogen Modular OS for smartphones."
Unless I have missed something Cyanogen's OS is still using a normal monolithic kernel. Actually this guys description would pretty well include normal module loading and unloading in the linux OS. Why do people who don't understand things try to explain them by comparing them to other things they probably also don't understand?
But then I read Fossbytes 'about us' page and realized that they are just another aggregator running out of Delhi, and their biggest claim to fame is 300,000 followers on social media. Can't we at least get a link to the horse's mouth like
https://eugene.kaspersky.com/2...
instead of re-aggregating an poorly written per-aggregated mention of the news?

--
"Proximity to wonder has blunted our perception and appreciation of it" --Tim Hartnell in 'Exploring ARTIFICIAL INTELLI
1. Re:Does this guy know what a microkernel is? by MindPrison · 2016-11-18 11:14 · Score: 1
  
  Just when an article has the world "unhackable" in it, that's the warning sign right there that it's not serious.
  
  --
  What this world is coming to - is for you and me to decide.
2. Re:Does this guy know what a microkernel is? by Anonymous Coward · 2016-11-18 13:02 · Score: 1
  
  I know, my first thought on reading that sentence was "that's not even SLIGHTLY what microkernel architecture means!"
3. Re:Does this guy know what a microkernel is? by AHuxley · 2016-11-18 16:17 · Score: 1
  
  More that everything is in its place and tracked, signed. Any unexpected changes get noticed and reported. Kind of what third party OS level tracking software can do on OS X, Linux or Windows.
  Software can track any app that wants to be persistently installed. When any new persistent component is added the user is alerted.
  Other ways are to look at a tasks signature, dylibs, signing, network use and file access in OS X for example.
  A more traditional OS might trust the user more and have much less feedback on OS level changes or files, outgoing network requests.
  The other good factor is the code is new and in house, not built by brands that are happy to always help the US gov as a matter of policy.
  Brands that are happy to sell/give/offer/include "encryption" and the US gov then gets the plain text.
  
  --
  Domestic spying is now "Benign Information Gathering"
White Star Lines by Dunbal · 2016-11-18 10:49 · Score: 1

Would remind you that hack-proof OS is asking for trouble just as much as "unsinkable ship"

--
Seven puppies were harmed during the making of this post.
1. Re:White Star Lines by Zontar+The+Mindless · 2016-11-18 13:27 · Score: 1
  
  Nowadays the kids just say, "CHALLENGE ACCEPTED".
  
  --
  Il n'y a pas de Planet B.
2. Re:White Star Lines by The-Ixian · 2016-11-21 02:35 · Score: 1
  
  Consultant 1: Yeah... but what about the highway we built which leads directly to the port? Ever think about that?
  Consultant 2: I thought of that, smart guy... we simply build lots of turrets...
  Consultant 1: Automated turrets?
  Consultant 2: Oh, hell no! You really think the Empire will spring for that kind of cost? I mean... they didn't even go for a basic security system on the trash compactor, a galactic code requirement on death stars I needn't remind you!.... someone is going to get hurt in that thing, mark my words....
  Consultant 1: I see your point.
  
  --
  My eyes reflect the stars and a smile lights up my face.
Plot Twist by Etcetera · 2016-11-18 12:04 · Score: 1

It's really just Mac OS 8.6 and some abstraction layers...

--
Hire a Linux system administrator, systems engineer,
Cookies by fabriciom · 2016-11-18 12:23 · Score: 1

Russia and trusted OS goes tougher like vodka and cookies.
MAC is cool, covert channels are evil by davecb · 2016-11-18 12:43 · Score: 1

A lot of confidentiality is acheivable, but bugs lead to covert channels, and they seem insanely hard to find. That means a lot of maintenance. If his kernel sees reasonable sales, I'll buy in.

--
davecb@spamcop.net
burni2 launches his own hackproof os based .. by burni2 · 2016-11-18 14:39 · Score: 1

.. it's so secure it can only run a very stripped down version of hello world.
Among the popular security features are the TKA and M.A.M.
Trump Kernel Api - the only API that strips down logic expression to just "false"
McAffee-Mode - deletes every trace
@Eugene
If you're really serious. Relase the binary to public and bet your whole money on the "not hackable" challenge.
Yet Another Minix by Anonymous Coward · 2016-11-18 15:39 · Score: 1

So have they spent 14 years reinvented the wheel and made yet another Minix 3.3? '
Or given the vagueness of the press release, have they just taken Minix 3.3 under the BSD licence and called it Kaspersky OS?
Any OS is safe, as long as few use it by Tony+Isaac · 2016-11-18 16:59 · Score: 1

Hackers only go after popular OSes. What motivation would any hacker have to try to hack into, say, Beos? Based on this reasoning, I'd say the new Kaspersky OS will indeed be pretty safe. :-)
And Qubes, using 1MB Xen like a microkernel... by Burz · 2016-11-19 00:06 · Score: 1

Maybe the increase in competition will be a good thing.
On the negative side, hardware (esp. DRAM) is becoming a security nightmare, and I don't think Kaspersky OS is going to mitigate that any better than the others.
it doesn't have by sudden.zero · 2016-11-19 02:00 · Score: 1

"even the slightest smell of Linux" huh? Well where is the link for the *.iso download? I wanna be the judge of that. It sure looks like a Linux based OS to me. All it's missing is the little Penguin in the middle of the KasperskyOS logo. WHATEVER
1. Re: it doesn't have by Lunix+Nutcase · 2016-11-19 04:27 · Score: 1
  
  Because Linux invented text boot screens? lolwut?
Minix by farrellj · 2016-11-19 13:01 · Score: 1

Minix is microkernel based, and still in constant development. It would also be pretty much free of Linux code. Although, I admit, I haven't played with it since the early days of Linux....

--
CAN-CON 2019 - Ottawa's only book oriented Science Fiction Convention! October 18-20, Sheraton Hotel, Ottawa, Canada h
Hacked... by poemtree · 2016-11-19 18:24 · Score: 1

in 3-2-1...

--
Any sufficiently advanced technology is indistinguishable from Macintosh...
Re:QNX is shit by The-Ixian · 2016-11-21 02:26 · Score: 1

Sounds like this QNX thing has a built in security system...

--
My eyes reflect the stars and a smile lights up my face.