Kees Cook entralled CollabSummit attendees last week with his update on how the Linux Kernel Self-Protection project is coming along. There are now developers from several different organizations (Google, Linaro, Oracle, Red Hat, Intel, one self-funded, and one funded by CII) participating in the project. Kees went into detail about how it is important to not stall out just fixing security bugs as they appear but that we need to proactively develop technology to defeat entire classes of bugs before they can be exploited (with examples). Kees’ charts are available online.
