New Ubuntu Core 18 Targets IoT Security
Canonical released a version of its popular Ubuntu Linux distribution specifically designed to run embedded in Internet of Things (IoT) devices, with a focus on security.
The new Ubuntu Core 18 distro is based on Ubuntu 18.04 LTS (long-term support). Ubuntu is one of the more popular Linux offerings, consistently ranking high in popularity indices based on its ease of use, especially for beginners.
In announcing the release, Canonical emphasized security, a front-and-center concern amid reports that nearly half of companies can't detect IoT security breaches and device companion apps can introduce security vulnerabilities that have prompted other firms such as Oracle to release offerings such as Java Card 3.1 with baked-in IoT security.
For Ubuntu Core 18, that baked-in security comes in several ways, with a focus on secure snaps, which are self-contained application packages of software that can be used to create anything from command-line tools and background services to desktop applications. Snaps created by various developers are available in a store, and Canonical said there are about 4,600 snaps available, published by some 1,700 independent publishers.
"Immutable, digitally signed snaps ensure that devices built with Ubuntu Core are resistant to corruption or tampering," said Canonical in a Jan. 22 blog post. "Any component can be verified at any time. All snaps on Ubuntu Core devices are strictly confined, limiting any damage from a compromised application."
The company also said all snaps distributed to devices are scanned regularly to detect known weaknesses and devices, which it said helps enterprises and manufacturers to learn quickly about possible risks in their systems.
Furthermore, Canonical said it reduced the attack surface of the distro by minimizing the number of base OS packages that get automatically installed, which it said both shrinks the size of security updates, which will need to be shipped less frequently, and reserves more storage for apps and data. In fact, the distro's site shows an OS image size comparison in which Ubuntu Core 18 weighs in at a little more than 260MB, while RedHat coreOS is pegged at about 807MB.
"Canonical's Ubuntu Core puts the right code on a device with clean update and management semantics," Canonical quoted Ian Hughes, senior analyst IoT, 451 Research, as saying. "Since snaps deliver everything from the kernel and device drivers to 3rd party applications, targeted upgrades can be orchestrated and delivered to IoT endpoints via a central app store with no user intervention. This manageability is essential to enhance the ongoing security and performance of devices in the field. Ubuntu Core is used across many types of IoT device such as digital signage, drones and robots, with ROS applications supported as snaps, and in IoT gateways. This all sits within the existing open source Ubuntu ecosystem providing familiarity and common tools for developers."
Ubuntu Core 18 can be downloaded here.
David Ramel is the editor of Visual Studio Magazine.