1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
|
#+title: Curiosities, Directions and Supplemental Information
#+date: 2026-05-18 Mon
#+author: W. Kosior
#+email: wkosior@agh.edu.pl
* Android Security
- SELinux
- account per application
- APIs for cross-app communication
* App Side-Loading (Google Android)
- historically allowed
- developer verification
- 2025 — announcement
- September 2026 — Brazil, Singapore, Indonesia, and Thailand
- 2027 — global
- required application approval by Google
- developer identification & terms acceptance
- hobbyist with email — up to 20 installs
- https://github.com/woheller69/FreeDroidWarn
- custom ROMs
* Play Integrity API
- API to check the application it is not debugged / modified
- BASIC, DEVICE, STRONG
- hardware attestation
- Magisk, PIF
* App Side-Loading (Apple iOS)
- historically disallowed
- DMA
- March 2024 — alt stores
- still no real sideloading
- stores controlled by Apple
* DMA AI Access
- Gemini system access on Android
- other models
- https://dataconomy.com/2026/05/14/apple-google-eu-criticize-ai-access/
* Router Freedom
- use one's chosen router & modem
- copper wire & opic fibre
- "ISPs hate him"
* Radio Freedom
- lock radio devices?
- WiFi, GPS, etc.
- 2014
- proposed legal requirement on manufacturers
- January 2026 — plans abandoned
- FSFE advocacy
* LLM CVEs
- spring 2026
- hundreds of (Linux kernel) security bug reports
- low quality → high quality reports
- Copy Fail (CVE-2026-31431)
- April 29, 2026
- few weeks after report to kernel
- local privilege esalation
- worst in years
- distributrions not notified
- not the job of kernel devs
- usually done by researchers themselves (not here)
- CVSS score only 7.8
- lost in hundreds others
* Kernel Livepatch
- rebootless security fixes
- earlier: ksplice (Oracle), kGraft (SuSE), kpatch (Red Hat)
- load a specifically-prepared kernel module
- hijack a function using ftrace
* Rust in OS development
- Linux kernel "Rust experiment"
- "stable" since April 12, 2026 (Linux 7.0)
- old driver rewrites
- Apple GPU driver
- disagreements
- not mainlined
- userspace
- uutils
- from ground up
- e.g., Redox OS (2015)
- "has real potential, but it is not there yet, but is worth watching..."
~ /Andrew S. Tanenbaum (2025)/
* ASLR
- what is the =malloc()= address in this process' virtual address space?
- PIC, PIE
- ASLR bypasses
* Meltdown & Spectre
- 2017/2018
- speculated years earlier
- timing attacks
- x86 and not only
- read kernel address space
- read process' address space
- JIT sandboxes (e.g., JavaScript)
- mitigations (retpoline, clock granularity, separate process or VM)
* Microkernel vs Monolithic Kernel
- kernel- or user-space drivers?
- Tannenbaum-Torvalds debate (90s)
- microkernel
- driver flaws not fatal
- easier driver debugging
- e.g., Mach, kernel of MINIX, L4, Zircon (Fuschia's kernel)
- monolithic kernel
- less context switches (efficiency)
- simpler design (time to market)
- e.g., Linux, most UNIX'es
* Fuschia
- 2016 — first Google code release
- 2021 — actual product (Google smart speakers)
- non-UNIX, instead:
- namespaces
- capabilities
- *not* like Linux/POSIX capabilities
- similarities with AppArmor rules or Windows tokens
- more: https://arxiv.org/pdf/2108.04183
* MINIX 3
- Andrew S. Tannenbaum
- a didactic OS
- restarting of crashed drivers
- powers modern Intel ME
* Hybrid Kernels
- Windows (NT, aka 1993-present)
- XNU (Apple OSes)
- GNU HURD
- «As to the whole "hybrid kernel" thing - it's just marketing"»
~ /Linus Torvalds (2006)/
* Rump Kernel
- same driver loadable as userspace or kernelspace
- NetBSD
- note related features like UIO/FUSE (Linux)
* Hardware Considerations
- proprietary blobs
- microcode (CISC vs RISC)
- "Ring -3"
- Intel ME (all post-2009)
- AMD PSP (all post-2013)
- others (GPUs, radios, etc.)
- "new" NVIDIA drivers (May 2022)
- *firmware*
* Hardware Considerations — ISAs
- x86
- Intel & AMD duopoly
- there is also a third company nobody recognizes
- only major CISC (microcode issue)
* Hardware Considerations — ISAs, Cont.
- x86
- ARM
- patents & designs licensed from ARM Holdings plc
- fabless
- good competition
* Hardware Considerations — ISAs, Cont…
- x86
- ARM
- MIPS
- out of fashion
* Hardware Considerations — ISAs, Cont…
- x86
- ARM
- MIPS
- SPARC
- released by Sun Microsytems, locked by Oracle
* Hardware Considerations — ISAs, Cont…
- x86
- ARM
- MIPS
- SPARC
- (Open)POWER
- Linux Foundation
- TALOS II
- servers
* Hardware Considerations — ISAs, Cont…
- x86
- ARM
- MIPS
- SPARC
- (Open)POWER
- RISC-V
- royalty-free
- 2010
- 2018 — RISC-V base ISA and privileged architecture specifications
* DMA attacks
- cellular modems (!)
- back to firmware blobs issue
- IOMMU
* Cold boot attacks
- DDR2, DDR3, DDR3
- Cache-as-RAM?
|
