The vulnerable Raspberry Pi can be a gateway for hackers. It doens't matter whether you use this tiny computer for your home lab, as a firewall for your home network, or as a device in a NASA Laboratory: you are equally susceptible to cyberattacks. Small devices can do lots of damage: back in 2014, 100,000+ connected consumer devices such as smart refrigerators were used by hackers to send more than 750,000 malicious emails to businesses and indivudual around the world.
The framework for protecting Raspberry Pi-based systems from such unfortunate scenarios is widely known. All you need to do is change your default password and username, make sudo require a password, install a firewall and adhere to a few other best practices. Ensuring you have the latest security fixes is one of the most important ones. The only way to mitigate these exploits as a user of Debian-based distros (Debian, Raspberry Pi OS, Ubuntu) in Raspberry Pi-based systems is to keep your software, kernel and firmware up to date.
Free Raspberry Pi patching by KernelCare updates the Linux kernel running on R-pi based systems without disruption or downtime. With KernelCare your enthusiasts’ projects enjoy the same ease of use and security that thousands of installations of KernelCare already experience, at no cost. We currently support Ubuntu Focal Fossa for 64-bit ARM platform, and will soon support Debian and Raspbian. If you have a commercial project just visit the KernelCare for IoT page and apply for a free proof-of-concept.
Allocates kernel memory loads new, secure code into it
Momentarily pauses all processes in a 'safe' mode
Modifies original functions and jumps to new secure code, ensuring old (vulnerable) code can never run
Unpauses all processes and resumes
KernelCare is a live patching technology that supports applying patches to an actively running Linux kernel without requiring reboots. Using it in your Raspberry Pi projects is free and helps to keep your projects secure and disruption-free.
The Raspberry Pi is just another Linux platform supported by KernelCare. The live patching process is conceptually easy and totally automatic. You just load the new code to memory, identify the affected functions, pause the processes using these functions, change the pointers to the new code, and resume the processes. This happens transparently and without killing any processes.
Yes, free as in beer. Because we are using the same KernelCare capabilities used in our commercial offerings, you'll have to register to get your license, but you won't be followed up by sales or marketing emails (unless you want us to).
The installation and usage of KernelCare for Raspberry Pi is the same as in KernelCare Base or KernelCare+: simply run two commands, add your unique license key and enjoy KernelCare security on your Raspberry Pi devices.
You can register one license per email address. If you have multiple Raspberry Pi devices - feel free to register with different email addresses. If you have a commercial project - it makes sense to apply for a free proof-of-concept of KernelCare for IoT.
Currently supporting Ubuntu Focal Fossa on ARM64, Debian and Raspbian support coming soon. The currently supported chips are ARMv8: BCM2711, BCM2837 in particular.
We have a dedicated service for commercial projects - KernelCare for IoT - live patching for Linux kernels in Arm-based devices. KernelCare for IoT protects devices with on-the-fly kernel updates. The pricing is custom, and only provided after a proof-of-concept is achieved successfully. You can apply for a free PoC here.