Kernel security: beyond bug fixing

It may seem like developers are insane about this, but when you contemplate just how much performance is left on the table with our security measures and abstractions right now, there is actually a LOT developers already have sacrificed on the pillars of performance.

With systems programming in particular, inefficiency itself often leads to its own bugs and security compromises farther up the stack. Developers *and* end users naturally route around inconvenient security systems and abstractions.

Heck, we can have drastically improved security and privacy on the Internet right now, if we're just willing to absorb a 5x increase in latency and decrease in throughput (which, if you think about it, we had to suffer with right now), but hardly anyone is willing to make that compromise.

At a higher level, the whole "remember my credit card" feature is an exercise in forgoing the minimal protections of an at least somewhat random and monitored credit card number that they carry with them everywhere for protection from what is almost always not-at-all-random and trivially crackable, not terribly well monitored, memorized password. Ask anyone who works in e-commerce how much more money they make with that feature.