by Swapnil Bhartiya

Linus Torvalds: Security will never be perfect

Aug 20, 2015
LinuxOpen SourceOperating Systems

Linus Torvalds made a surprise appearance at LinuxCon and talked about containers, security, and IoT, among other topics.

One of the best kept secrets at this week’s LinuxCon was the presence of Linus Torvalds. I’ve never not seen Linus at any of the LinuxCons I’ve attended since 2009, whether in Europe or North America, but no matter who you asked, the answer was, “He’s not here.” This morning, though, a little bird sang that the surprise guest for the upcoming keynote was none other than Torvalds.

dsc 3508 Swapnil Bhartiya

Mandatory selfie with Linus Torvalds.

It started with a Microsoft advertisement, and Jim Zemlin, executive director of the Linux Foundation, joked as he took over the stage, “From now on that’s how all our events will start.” He then invited Linus to the stage and read a recent Businessweek article excerpt praising his work: “Torvalds may be the most influential individual economic force of the past 20 years. He didn’t invent open-source software, but through Linux he unleashed the full power of the idea.”

And that is true: Software written by Linus today runs on more devices than the combined products of both Bill Gates and Steve Jobs. His software powers everything around us in the modern world. It has indirectly created companies like Red Hat, SUSE and Canonical, and enabled companies like Google, Facebook and Amazon to run their massive operations. He has also made the open source development model a norm in today’s world. He really is one of the most influential people in the world today.

Jim also quoted from the article, “Torvalds has, in effect, been as instrumental in retooling the production lines of the modern economy as Henry Ford was 100 years earlier. It’s absurd that so much power has collected in one man.”

Linus responded, “It does feel absurd. I am not sure about the power, but I love open source and how all that credit goes to me.” The humble Linus said, “Realistically, the only power I have is to say no. And sometimes I do that in a somewhat colorful manner. Because I don’t write code anymore, I get a lot of kudos these days for just being a maintainer and manager of a lot of very productive people.”

Jim engaged the audience with some more fun. He said, “Just to be clear that [Linus’] ego doesn’t get too big with this kind of credit, the author does follow by saying, he is 5-feet-ho-hum tall with a paunch.” Linus snapped back, “5’ 8’’ is just right.”

Jim, nevertheless, read more from the article: “It’s cheap and easy but true to say his body type gait resembles that of Tux, the penguin mascot.” Linus, who drove from Portland to attend the event, responded, “Remind me why I came here today. Is it a roast?”

Not a huge fan of containers

Jim then moved to some serious topics, including one of the hottest subjects these days: containers and Docker. In fact, looking at the event schedule, you’d think LinuxCon was a container event.

However, Linus seemed as excited about containers as a fish would be about a bicycle. “I am so happy that the kernel tends to be fairly far removed from all these issues, all the buzzwords and all the new technologies,” he said. “We end up being in a situation where we only care about us working on and how people use the kernel. I am so focused on the kernel that I don’t even care very much. We see when people need technologies from us to implement all of this, obviously there is c-groups and virtualization, if you do it that way. So we see that side of it. But at the same time, I don’t get involved in politics between all the different groups and all the stuff that goes on top of the kernel. And I am really happy I don’t have to.”

Jim took the cue on buzzwords, saying he wanted to discuss all of them with Linus, including IoT (Internet of things), noting that people often ask, looking at these IoT devices, how small can the kernel actually get?

Honey, I couldn’t shrink the kernel

Linus said he doesn’t feel that there is much scope there. “We traditionally have been in a situation where the kernel didn’t have to shrink; it was always the hardware that grew up.” He said that everybody always wished for the kernel to actually shrink. These days, the kernel, with all the modules, is tens of megabytes in size, which is shocking. If you compare it with early days, when it started, the entire kernel was below 1 megabyte and you could load it. He added, “Those times are long gone. I am trying to go back to being a lean and mean IoT machine.”

Jim quipped, “Is it because of the article statements?” Linus responded, “No, it’s really hard to get rid of unnecessary fat, because as every developer in this room knows, things tend to grow and there are projects doing that realistically. I don’t think we will ever go back down to the kind of size where we were 20 years ago. We can certainly grow smaller, not shrink. But I do suspect that if you want us to work on really small devices, you will have to end up with other alternatives.”

At odds with security

Linus is not known for being a huge fan of the security community — not that he doesn’t care about security; he does. The reason he is often at odds with the security community is because “the security community tends to be very black and white. Either it’s security or it’s not. And if it is security, they care deeply. And if it is not, they don’t care.”

He then pointed out, “What I see is security means bugs and most of the security issues we have had in the kernel, and happily they haven’t been that big — well some of them were big, but that doesn’t happen that often. Most of them have been just completely stupid bugs that nobody really would have thought of as security issues normally, except for the fact that some clever person comes around and takes advantage of that.”

So can Linux get rid of such bugs? Not realistically. It’s just impossible to write any software free of bugs. The thing is to catch them as soon as you can. “The thing is, you are never going to get rid of bugs,” Linus said. It’s also hard to know ahead of time that the bug in your software can be a security issue. And he’s absolutely right. “If you think of it that way, then you just know that bugs are inevitable; security is never going to be perfect,” he added.

The big difference, as usual, comes from transparency and how quickly the involved parties respond to such bugs. As we’ve covered in other stories, open source companies are much faster at patching bugs than proprietary companies, which, despite having billions of dollars in their pockets, leave security holes unpatched for months to be exploited.

So is there any mechanism in the Linux kernel to ensure fewer bugs go through? Linus said, “In the kernel we obviously try to do the very best we can do. We are very careful on code; we have very strict standards when new people come around. It’s sometimes hard to get into the kernel community just because if you are used to userspace programming, in the kernel you have to be very strict in some respects.”

He said that outside of the kernel, people should simply admit that “a) bugs happen, and b) try to mitigate them by, for example, having multiple layers of security. So if you have a hole in one component, the next component will catch it hopefully. I think open source is doing fairly well, but anybody who thinks that we will be entirely secure is not being realistic. We will always have issues.”

The Linux Foundation has started an initiative to make open source more secure. When asked about things open source projects can do to ensure bugs happen less often, Linus said, “What I would love to see is, anybody who does network connections, to just have a random packet testing kind of thing. And I have to admit, we do other random testing for the kernel, but I don’t think we are necessarily doing as well as we should on things like that.”

Linux in 10 years

Linux has come a long way since its inception. While Windows and Mac OS X still primarily do the same kinds of things, Linux is running on a wide range of things — from supercomputers to tiny smartwatches. It scales so well. So one may be curious to know the vision of it’s creator. Jim asked Linus where Linux will be in 10 years. He responded, “That’s not how I started Linux. I am a very prodding, pedestrian kind of person. I look six months ahead; I look at this release and I know what’s coming up in the next one. I don’t think planning 10 years ahead is necessarily very sane.” He said that if you go back 10 years and see where Linux was and try to plan where it is today, “that would be completely insane. I don’t take that approach.”

Then he pointed out something unique to open source: one particular advantage that open source has is that “you have all these companies that are trying to make the next 10 years happen and by using open source, they can try to push their own agenda and they notice, ‘Hey we need this in order for our next 10 years to happen.’ It actually helps Linux, even if I personally as a maintainer am not forward thinking. The whole process is very forward thinking because open source allows and actually encourages that kind of behaviour. So I am not worried about Linux in 10 years. I am worried about us stumbling on the bugs we find today or tomorrow.”

It’s a good job

Linus, like many developers, works from home, a work style that’s breeding a new culture. He manages over 1,500 people who work for big corporations like Google, Facebook and Amazon. Jim reminded Linus that he once said, “I will show up in the kitchen in a bathrobe and it embarasses my daughter. Her friends would ask, ‘What kind of hobo is your dad?’”

As the wall-shattering laughter from the crowd subsided, Linus shared another anecdote: “I have the FedEx guy; he already knows me. I mean if it is 2 p.m. in the afternoon and I open the door for the package in my bathrobe, he doesn’t blink anymore. It’s a good job, right.”

There he is, one of the most influential people of the modern world, whose work far exceeds that of industry icons like Steve Jobs and Bill Gates and so does his humility.