User: Password:
|
|
Subscribe / Log in / New account

New GNU Hurd, Mach, and MIG releases

New GNU Hurd, Mach, and MIG releases

Posted Sep 29, 2013 15:19 UTC (Sun) by mpr22 (subscriber, #60784)
In reply to: New GNU Hurd, Mach, and MIG releases by el_presidente
Parent article: New GNU Hurd, Mach, and MIG releases

Not merely "developers", but "people who will develop user-facing software that people who are not ultra-niche computer enthusiasts care about"


(Log in to post comments)

New GNU Hurd, Mach, and MIG releases

Posted Sep 29, 2013 20:26 UTC (Sun) by rgmoore (✭ supporter ✭, #75) [Link]

I don't think user-facing software is the critical part. It needs a group of developers who are intending to use it for serious, real-world applications. Those applications can be user-facing, server based, embedded, or whatever, but they have to be something people depend on. Having users who depend on it will give a committed developer base. Without that, it's just a hobbyist system that has people working on it because it's cool, and they'll be tempted to jump to something else that appears cooler.

New GNU Hurd, Mach, and MIG releases

Posted Sep 30, 2013 20:57 UTC (Mon) by drag (subscriber, #31333) [Link]

Everybody is 'users' to somebody else. It just depends on the audience you are focusing on. If you are writing low-level system libraries then the 'users' are the application developers that chose to depend on your library.

What is needed to move beyond 'nitch hobbyist' to solve a unique problem or solve a problem in a superior way to a existing solution and then convincing people that their lives will be easier if they use it.

So far 'Microkernels' have been long on promises, short on results. Promises of security and stability improvements have never materialized while performance and scalability remains a perennial problem. Hence why so far they remain hobbyist toys. I think that even at this point the academics have moved on.

New GNU Hurd, Mach, and MIG releases

Posted Sep 30, 2013 22:29 UTC (Mon) by Cyberax (✭ supporter ✭, #52523) [Link]

Looks like we're experiencing the second iteration of microkernels with hypervisors and guest OSes..

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 22:15 UTC (Tue) by marcH (subscriber, #57642) [Link]

"I once heard that Hypervisors are the living proof of Operating System's incompetence."

http://linuxconeurope2012.sched.org/event/bf1a2818e908e3a...

Micro kernels, virtualization, zones, containers,... we are all spoilt with choice.

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 9:10 UTC (Tue) by HelloWorld (guest, #56129) [Link]

I think the problem with microkernels is that nowadays the same benefits can be achieved with memory-safe programming languages. I think that Rust, which incidentally had its 0.8 release just a few days ago, is a prime candidate for this kind of programming.

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 14:12 UTC (Tue) by drag (subscriber, #31333) [Link]

It would be nice.

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 16:47 UTC (Tue) by nix (subscriber, #2304) [Link]

I think the problem with microkernels is that nowadays the same benefits can be achieved with memory-safe programming languages.
That was, I believe, the hyped-up promise of the Java security model. It doesn't really seem to have worked all that well...

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 21:52 UTC (Tue) by HelloWorld (guest, #56129) [Link]

Most of Java's security issues are related either to unsafe code called via JNI or to JVM bugs concerning malicious class files. The first class of bugs of course also applies to C programs since C doesn't even try to be memory-safe. The second class of bugs is irrelevant for a kernel, because if you have the right to load code into the kernel the system is compromised anyway. So yes, Java programs are a lot more secure than C programs, occasional bugs notwithstanding.

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 23:44 UTC (Tue) by wahern (subscriber, #37304) [Link]

How do you go from describing the origin of bugs in Java-the-language-implementation to arguing that Java programs have fewer bugs than C programs?

PHP is "safer" than C in the same regards. Would you also argue that PHP programs tend to be safer and have fewer bugs than C programs?

I'm not at all sure that Java programs tend to be safer than C programs in 2013. Buffer overflows and stack smashing are pre-eminent in the C world precisely because many other classes of exploitable bugs are less prevalent, for many different reasons--engineer experience, typical usages, etc. C also tends to get more CVE reports precisely because historically has predominated in large, widely used programs that are under the microscope.

I'm not saying that Java programs are less secure. Maybe they're more secure. But the type of memory corruption possible with C is but one factor, and the potential for the same kind of corruption exists in all languages when executed on commodity hardware. And advances in mitigation techniques has narrowed the gap substantially in terms of the susceptibility to exploitable memory corruption.

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 23:45 UTC (Tue) by wahern (subscriber, #37304) [Link]

I meant, "that Java programs have fewer security bugs (i.e. are 'safer') than C programs".

New GNU Hurd, Mach, and MIG releases

Posted Oct 2, 2013 1:00 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

PHP programs are in general far more secure than C-based ones. However, PHP itself is horrible for web development.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds