Fuchsia OS – Still a long way to high security

An experienced Linux kernel developer and hacker tries common tricks on the upcoming OS. The attempt shows that the security-first approach is not absolute: some parts of the kernel were written insecure and will have to be amended later. Some points are already plotted (KASLR is not yet implemented) but others are not.

Using a Fuchsia kernel in degraded mode, ie without security feature called SMAP (Supervisor Mode Access Prevention), a POC of rootkit have been demonstrated.

This blog post also shows that even if Fuchsia is very different from Linux, the hacking reflexes are the same.

Even if Fuchsia OS looks promising, a long journey still awaits Google before fulfilling the promise of a highly secure OS.

A Kernel Hacker Meets Fuchsia OS

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s