Small codebase as a prerequisite for security

Sean Lynch seanl at
Fri Feb 12 13:40:53 PST 2016

On Thu, Feb 11, 2016 at 8:20 PM Peter Gutmann <pgut001 at>

> Sean Lynch <seanl at> writes:
> >I'm not talking about raw size or complexity here; obviously having lots
> of
> >features and support for lots of devices means high complexity, but it
> doesn't
> >require that all that complexity run with full system privileges.
> XKCD is, as usual, most apropos here:
> A huge amount of embedded stuff doesn't even have a kernel mode, because
> its
> irrelevant (or, if the hardware does actually support two different modes,
> everything is run in the highest-priv'd mode).  Either the system is
> robust/secure/reliable or it isn't, whether there's a kernel/user split is
> irrelevant.

Obviously on a device with no MMU or supervisor mode everything running on
it is your trusted computing base.

Security is not binary.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 1382 bytes
Desc: not available
URL: <>

More information about the cypherpunks mailing list