On Thu, Feb 11, 2016 at 8:20 PM Peter Gutmann <[email protected]> wrote:
> Sean Lynch <[email protected]> writes:
>
> >I'm not talking about raw size or complexity here; obviously having lots of
> >features and support for lots of devices means high complexity, but it doesn't
> >require that all that complexity run with full system privileges.
>
> XKCD is, as usual, most apropos here:
>
> https://www.xkcd.com/1200/
>
> A huge amount of embedded stuff doesn't even have a kernel mode, because it's
> irrelevant (or, if the hardware does actually support two different modes,
> everything is run in the highest-priv'd mode). Either the system is
> robust/secure/reliable or it isn't, whether there's a kernel/user split is
> irrelevant.

Obviously on a device with no MMU or supervisor mode everything running on it is your trusted computing base. Security is not binary.
