Linus Torvalds on the Need for Rebootless Patching

July 30, 2019 - TuxCare PR Team


Linus Torvalds is the creator and original developer of the Linux kernel. So when he has something to say about the future of software and cybersecurity, it’s wise to listen.

Recently, at the KubeCon + CloudNative + Open Source Summit China in Shanghai, Torvalds warned of forthcoming challenges in the world of managing software. At the root of these challenges, he said, are two hardware issues that are causing DevOps teams major headaches.

Moore’s Law

Firstly, Torvalds pointed to the looming issue of Moore’s Law exhausting itself. For decades, processor vendors have relied on hardware performance doubling every year or so. But Moore’s Law will soon soften, and this rate will slow down. When this happens, developers will have to use innovative code, not hardware, to keep increasing performance.

More pressingly, Torvalds identified the cybersecurity problems linked to the speculative execution model that Intel and other processor vendors use. This model is what opened the door to vulnerabilities such as ZombieLoad, Fallout, Spectre and Meltdown. These issues have caused consternation in the Linux community.

Countering Linux Vulnerabilities 

Torvalds pointed out that the only way to counter such vulnerabilities is to patch the Linux kernel, and that for most organizations, such patching is a painful process. This puts organizations in a Catch-22: either wait to slot the new patch into their reboot cycle, which means remaining insecure for weeks or months, or drag everyone in at the weekend, on short notice, to perform an emergency reboot, risking downtime and unforeseen issues.


The Importance of Live Patching

Torvalds didn’t mention KernelCare by name, but what he is advocating is the importance of live patching. The vulnerabilities will keep coming, he said, which means the patches will keep coming. DevOps teams need a better process than constant reboot cycles; they need a way to react to the stream of new patches that is efficient and low-stress. This is precisely what a live kernel patching service like KernelCare offers.

Torvalds has always had a talent for accurately predicting the future of Linux, and of software development. He has been right before, and he’s right again here: live patching is becoming a must-have for any DevOps team that wants to survive in the current era.
