Hi, Thanks for the work you guys have been doing.
It looks to be a useful tool to prevent the sitting duck devices from attacks until the secure patch is applied after a long time.
This tool looks very useful and I have few queries to clear out before using your work.
- Who will write the eBPF patches ?
e.g. If I am going to use this tool in our ecosystem.
i. For a hypothetical scenario suppose a CVE is detected and its fix was provided by the open source community. Now its eBPF patch should be implemented by open source people or the OEM team who is using the open-source ?
ii. If open-source community has to write the eBPF patch then its an additional task for them and I am not sure if they will do it.
iii. If OEM developer team has to implement the eBPF patch then they would required the skillsets to implement it which is not as simple. First, they have to understand the background of the issue, understanding of the library/source code, understanding of eBPF framework and of RapidPatch. Its not a small task. Please correct me if I have mentioned which is not correct in my understanding.
iv. Is the eBPF and Code replace filters are generic in nature to handle that kind of defects appearing in future in some other libraries ?
v. Do you suggest any way to automate the generation of eBPF and Code replace filters ?
Hi, Thanks for the work you guys have been doing.
It looks to be a useful tool to prevent the sitting duck devices from attacks until the secure patch is applied after a long time.
This tool looks very useful and I have few queries to clear out before using your work.
e.g. If I am going to use this tool in our ecosystem.
i. For a hypothetical scenario suppose a CVE is detected and its fix was provided by the open source community. Now its eBPF patch should be implemented by open source people or the OEM team who is using the open-source ?
ii. If open-source community has to write the eBPF patch then its an additional task for them and I am not sure if they will do it.
iii. If OEM developer team has to implement the eBPF patch then they would required the skillsets to implement it which is not as simple. First, they have to understand the background of the issue, understanding of the library/source code, understanding of eBPF framework and of RapidPatch. Its not a small task. Please correct me if I have mentioned which is not correct in my understanding.
iv. Is the eBPF and Code replace filters are generic in nature to handle that kind of defects appearing in future in some other libraries ?
v. Do you suggest any way to automate the generation of eBPF and Code replace filters ?