Canonical has released a version of its open source Linux-based operating system at Black Hat Europe 2016 that is designed specifically for controlling and maintaining Internet of Things (IoT) smart devices.
On 21 October, multiple popular websites were taken offline for several hours by a giant distributed denial of service (DDoS) attack carried out by the Mirai botnet. The botnet comprises millions of hacked IoT devices like routers and web-enabled cameras, and in the last month it also took French web host OVH offline and attacked the website of security journalist Brian Krebs with a sustained record-breaking 665 Gbps DDoS attack.
Canonical CEO Jane Silber says that Ubuntu Core 16 was developed in order to deal with all the problems that led up to the Mirai botnet, which include: device makers failing to secure their devices; device makers shipping devices with default passwords that consumers don't bother to change; and device makers who made their own custom versions of Linux, and then had no way to update them or to patch them when security issues arose.
"Those one-off Linuxes are just as scary as [the devices shipped with] default passwords. Right now, we estimate that 70% of IoT devices are homemade, so that likely means that at least 70% of them are insecure. Device manufacturers hack together Linux because it's there, it's available and it's what the developers are used to," Silber told IBTimes UK.
"The device manufacturer might be able to make it work once, but they don't have the expertise to keep it secure and keep updating it."
Ubuntu Core 16 is a small transactional version of the Ubuntu operating system that ensures that IoT devices stay secure and instantly controllable by their manufacturers. The operating system is already in use in robots, drones, digital signage, radio access networks, home and industrial gateways, and top-of-rack switches.
"The devices will be able to update themselves whenever a new patch is available. Even if a device manufacturer goes out of business, the device can still continue to get updates. Ubuntu Core devices wouldn't become zombies – we would continue to update Ubuntu Core and the updates will be sent over the air," she added.
Ubuntu Core 16 also makes use of a packaging mechanism called Snaps, which enables each piece of software to be contained in a secure, tamper-proof package that is signed by the software developer that produced it. If anything goes wrong with an update, the manufacturer can quickly undo the update and roll back to an earlier state.
"When you think about all the IoT devices in industrial settings or the homes that don't have screens, you need to have a way to easily update them," said Silber.
"The spectre of IoT security problems is rising now, but it wasn't at the front of their minds before. Usually companies just want to get the devices out now. We're also finding that many did it themselves the first time, and now they don't want to put their resources into that. The OS is frankly something you want to be as standard as possible, and that's what Ubuntu is."
Ubuntu Core 16 is available to download for free. Canonical also offers a set of services to device manufacturers, such as a white label app store so companies can build their own ecosystem of apps to go with their product.