Year 2038 time set problem

valdis.kletnieks at vt.edu valdis.kletnieks at vt.edu
Sun Mar 4 23:15:58 EST 2018


On Sun, 04 Mar 2018 21:21:13 -0500, Ruben Safir said:

> I am not setting up a high availability cluster in my house, thank you.
> And fwiw, I've run systems for 6-8 years without rebooting on pc
> hardware.  My little fanless fit/pc service running an intel atom had at
> one time run 5 years without rebooting.  I only had a system fry once
> while it was up an running since the late 1990's until today, and in
> that case it was wild power surge and the hardware was up and running in
> 20 minutes with a swap out of the hard drive.

The fact that you've kept a system going for 8 years without a reboot
isn't proof that actually doing so is a good idea security wise.

> The linux kernel is integrated into dozens of devices which never see
> the light of day for kernel upgrades from PPOE routers, IOT devices,
> cellphones, VOIP boxes, electrocardiograms, menu displays for McDonalds,
> signal boxes on train systems, etc etc etc.

The big problem *there* isn't that a reboot is often required.

The problem is that the vendors won't ship a patched system to reboot *into*.

> What has been described is a huge security problem and your solution is
> a non-starter and doesn't help the broader problem.

I repeat what I said - if you can't afford a reboot because it's mission critical,
you can't afford to *not* be doing HA or load balancing or something.

The Internet of Pwned Things problem is with systems where a reboot *is*
feasible (are you going to notice if your light bulb reboots at 3AM when it's
off anyhow?), but vendors have no ecomonic incentive to provide fixes after
they've got your money (unless they can monetize you post-purchase - and most
people won't pay for a support contract, so the vendor's only realistic choice is
monetizing your data..)

And that's a totally orthogonal issue.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 486 bytes
Desc: not available
URL: <http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20180304/fbef55f3/attachment.sig>


More information about the Kernelnewbies mailing list