Talking about security requires precision. However, precise language can be hard to digest for even most technical audiences. What follows is what I call a "pepperoni pizza" article. It's nobody's first choice, but most everyone can eat it.
Built on a vision that the latest software is the most secure, software updates are central to the FoundriesFactory security story. What happens, however, when software delivery is compromised? Is recovery complicated? Enter TUF key rotation!
Earlier this year, I found myself pushing the idea of an "anonymous mode" for the Aktualizr project which is the OTA agent running in the LMP. This turned into "aktualizr-lite" and has recently become the default OTA agent used by the LMP. This article explains what aktualizr-lite is and why we are using it.
Why is there no Android or Red Hat Enterprise Linux for IoT and Edge devices? The "one size fits all" approach of a modern Linux distro does not meet the requirements of the IoT and Edge markets because of the diversity of hardware and use cases - from cellular-connected sensors, to industrial IoT infrastructure, to gateways and even autonomous vehicle computing. More complex use-cases and more powerful processors almost universally use some variant of Linux. Simpler devices such as sensors typically use an RTOS. In this article we focus on Linux - a future article will explore the many RTOS options.