UBUNTU CORE 16, otherwise known as Snappy, was released today and Canonical has its sights set firmly on IoT edge devices, from the Rasberry Pi to top-of-rack switches, industrial gateways, home gateways, radio access networks, smart city digital signs, robots and drones.
Canonical CEO Mark Shuttleworth explained during a press call that the snap software packaging system has been competely upgraded. In Ubuntu Core 15 the individual files were spread out all over the disk, but in Core 16 they remain as a blob.
"In Ubuntu core 16 we keep all of the software as compressed and signed files. Hackers can't modify that software on the disk, and the software on the device can always be validated," he said.
The files exist as read-only, immutable, compressed squashFS blobs on disk, meaning that devices can store different versions, automatically choose the update that is the best fit, and automatically roll back if things don't go as planned.
"There is a much cleaner roll back so developers can be much more confident they can make changes, which in turn encourages them to add new functionality and to fix issues," said Shuttleworth.
"We have a lower footprint requirement on disk and we've done a huge amount of work to enable the onboarding process so that devices are secure by default. It's now possible to have a device that is extremely difficult to attack over the network unless you get physical access to the device itself.
"Ubuntu Core 16 is much more secure, more product ready and the developer experience is much the same. But the operating experience is a fulfilment of several years of design and engineering."
Snappy's software packages, or snaps, are containerised application images digitally signed to confirm their integrity. Instructions such as when to update the system can be written into the documents so that policies can be easily configured and automated, potentially eliminating human involvement.
Snaps are also compatible with desktop and server versions of Ubuntu, meaning that applications packaged using the snap format can run on multiple platforms.
The entire operating system, including the kernel, major applications and libraries, is delivered as snaps, extending the ability to automatically roll back to the OS itself. Canonical said that any device running Ubuntu Core will receive free, regular and reliable OS security updates.
The updates for the system and application snaps are delivered as xdelta diffs, meaning that only code that has changed gets updated, and the updates are compressed before being delivered over the air to reduce bandwidth use.
The company said that it will continue to provide free updates for all its software.
"The snap mechanism really changes the game. Your lawnmower will update itself every day, your MRI device in a hospital can be presented with updates offline, cars and robots can update themselves in a very reliable fashion, but they can also get new software installed on them that gives them new capabilities," said Shuttleworth. μ
You can't fault them for speed
Investigation reveals that malicious code was injected into the firm's payment page
Plus the three-for-free
And it's not just on Ubuntu, neither