Free software's not-so-eXZellent adventure
Free software's not-so-eXZellent adventure
Posted Apr 3, 2024 16:43 UTC (Wed) by khim (subscriber, #9252)In reply to: Free software's not-so-eXZellent adventure by draco
Parent article: Free software's not-so-eXZellent adventure
> But progress on that front seems frustratingly slow. Maybe because too few people are aware of the work
People are aware, as I have said it all goes back to iAPX 432 and PP 250 so more than half-century old by now.
But as it turned out people are not ready to pay for security, they expect to obtain it for free, somehow. And when I mean “pay” here I mean “pay with convenience”, not money.
I still remember how data security company tried to, somehow, sell it's warez in US. The first thing US marketing guys demanded is to neuter base security restrictions and remove mandatory pin use from the device!
And to this day all devices that we developing are made for convenience first, security second… and it's not clear if we may change that without civilizational collapse. Otherwise people wouldn't even think about exchanging convenience for security.
Flat address space, ifuncs and other such things are only sympthoms.
Posted Apr 3, 2024 22:19 UTC (Wed)
by ejr (subscriber, #51652)
[Link]
seL4 also has been around for quite some time, although it's a few decades younger than the Ada processor. I guess someone's getting use out of it as opposed to EROS, CapOS, and the like that couldn't gain funding to continue.
None of this is new. So far, no one has found a magic balance of security, capabilities (computation/device sense, not security capabilities), sane usage, and funding.
I absolutely would LOVE to be wrong.
Free software's not-so-eXZellent adventure