There's a new Ubuntu on the scene. This one isn't headed to sit on servers in data centers or on PCs and laptops in consumer space. Instead, it's a slimmed down version, dubbed Ubuntu Core 18, designed for installation by the Internet of Things (IoT) folks and in other embedded devices.
With over 20 billion IoT devices expected to be connected by next year, this is by far the fastest growing segment of IT. And IoT is diverse. It includes most devices that sit on the peripheral of the internet -- everything from hardware being used to operate machinery on an assembly line floor, to connected "smart home" devices like televisions and thermostats that need to call home over the internet, to telecom equipment located at the base of cell phone towers.
These devices generally have limited specs when compared the likes of servers, one reason why Ubuntu Core weighs in at a mere 260MB.
Another reason for the small size is security. More often than not, IoT devices are designed to operate without being carefully monitored, making security a special concern. Unfortunately, with many manufacturers IoT security is often an afterthought. Many devices, even those designed for consumer space, are not capable of being remotely patched or updated, making them easy prey for black hats to recruit into botnets for DDOS attacks or cryptomining.
"The attack surface of Ubuntu Core has been minimized, with very few packages installed in the base OS, reducing the size and frequency of security updates and providing more storage for applications and data," Ubuntu explained in a blog.
In addition to the small attack surface, Canonical has taken a number of steps to make devices running Ubuntu 18 easy to secure. For starters, like its other LTS offerings, Ubuntu Core 18 will be supported for 10 years, a policy the company introduced in November, specifically to address IoT security and maintenance concerns. This offers an easy way for manufacturers of IoT devices to keep the operating system patched and up-to-date.
Canonical also has a security solution for the applications that will run on Ubuntu Core. Apps are installed as digitally signed Snaps, Ubuntu's containerized software packages. Snaps are time tested, having seen use for several years now on Ubuntu servers and on a variety of Linux desktop distributions.
Snaps run in a sandbox, which offers protection even if an application is compromised. All of an application's dependencies are included in the Snap package as well, which does away with the worry that an upgrade could lead to a dependency conflict that could crash the system -- something you definitely don't want if you've just done an upgrade on 100,000 devices in the wild.
Not only are Snap apps available to be used out-of-the-box from IoT app stores, developers will find it easy to package needed custom software as Snaps. Installed apps can be easily updated, making it possible to push feature enhancements or security updates to devices.
Another aspect of Snaps makes the developers' job easier. The same Snap app that's being developed to run on an IoT device will run on a server or laptop.
"Ubuntu Core enables a new class of app-centric things, which can inherit apps from the broader Ubuntu and Snapcraft ecosystems or build unique and exclusive applications that are specific to a brand or model," Ubuntu said in its statement. "Specific apps can be required, or optional, per model. Manufacturers get complete control over the versions and updates relevant to their own devices."
Ubuntu Core 18 is available to download for a variety of architectures.