Looks like I have new toys to play with on my Raspberry Pi estate…:
In its latest release, Ubuntu Core 20, Canonical has gone to great pains to make it the most secure IoT and embedded Linux available on the market today. According to a third-party security audit by Rule4, a global cybersecurity provider:
Ubuntu Core takes a security-first approach, ensuring that security is built-in throughout the entire application and device lifecycle. While most of the Ubuntu Core attributes directly support security in some manner, the architecture itself establishes a secure foundation that is easily built upon. This includes a minimal operating system and kernel, with device drivers are packaged and installed as snaps, as are gadget-specific applications. At runtime, individual applications are rigidly sandboxed via a policy-based system that restricts access to the filesystem, network interfaces, system calls, and other standard Linux facilities. This approach provides an extraordinary amount of fine-grained security control that can be used to ensure that both the device and any associated data is adequately protected. Out of the box, Ubuntu Core provides the ability to easily deploy security updates across the application, gadget, and base system.