Potential for Unbotneted Fuchsia?

wait I thought that fuchsia was being created for phones and laptops, as a replacement for Android/ChromeOS?

A lot of it is pure momentum. There’s now more than three decades of software written for Unix and probably hundreds of billions of dollars in development cost put into the project. Replacing all that would be expensive, take a long time, and wouldn’t show immediate results.

Yes, but I think running a RTOS on a phone is retarded. With a scheduling model, certainly that would be a huge step forward towards a modern OS for a phone, especially since it uses the Vulkan backend and is fully open source unlike Android. I think the implications for something like Fuchsia is more interesting for embedded systems though.

Because Unix is bad, but it's still "good enough" so that OS design innovation has basically ceased.

if its good enough then it makes sense for further design changes to stop.

So here's what wiki has to say about it.

apparently this user
was right about it being intended for embedded, at least originally, but is now being designed for mobile shit and laptop/desktop as well (universal).

In what way is Unix shitty and what, specifically, should be changed and done better? (let's face it, you really mean MacOS and Linux)

It's "good enough" in the sense that even though it has many flaws, the implementations still have enough hacks so that people can mostly manage to do what they want to do. Obviously we should strive for something better. Is Sup Forums full of retards today or what?

I hope it all goes wrong so that android and google become a distant memory lmao

Almost everything still relies on performance and those hacks should take away said performance. If unix was just "good enough", many companies would have searched/developed something better.

The Unix Hater's Handbook covered this back in the 90s and it's only gotten more extreme since then with the rise of Linux.
>system architecture means fuck all if there are no applications or libraries
>system architecture means fuck all if you can't obtain the OS due to licensing or cost limitations
>system architecture means fuck all if you need a super expensive computer to run
Linux runs on systems that literally cost $5 retail and scales up to the entire TOP500 supercomputer list. You can't beat that on the low end or on volume. There are 40 years of application software for unix and Linux, most of it entirely free to use and redistribute. We've seen Linux itself and free applications for it devour entire categories of software (embedded kernels, web servers, load balancers, smartphones, cloud-scale hypervisors, media conversion, compilers and interpreters, unix workstations, etc.) because the competition wasn't a big enough step up to overcome the allure of free and good enough. This enormous library of POSIX software also means that unless you want to completely derive a modern computing environment from scratch you're probably going to need a POSIX compatibility layer, and at that point, why not just stick with Linux in the first place?

>Yes, but I think running a RTOS on a phone is retarded.
BBOS10 is based on QNX which was realtime unix-like system.
And it was great. Honestly the only thing that BBOS10 did wrong was getting released by Blackberry 5 years late to the smartphone party and failing to gain any traction over the already well established giants (Android and iOS).

This.

>why not just stick with Linux in the first place?
Because it's bloated and insecure?

Name a secure system that has the capabilities of Linux

None, sadly. Linux is probably the least bad option right now, but I don't think the current situation is good. I think Linux has several big problems:
- It's become too bloated.
- Its design hasn't historically taken security seriously (if it had, grsec patches would have been merged long ago).
- It's becoming apparent that complex software written in unsafe languages will always have lots of vulnerabilities, no matter how good the devs are.
- Monolithic design amplifies security issues and causes problems in mobile.

I think we should strive for a microkernel OS written in a safe language.

redox?

Newfag regarding OSs here, when you refer that Linux is too bloated you mean OS or the kernel, and why?
Also, monolithic design aside, why is it insecure?

>bloated
Ever heard of Damn Small Linux? It fit onto a 1.5MB floppy.
Know what a Raspberry Pi Zero is? Linux runs on that.

Retard.

>insecure
Oh yeah, because every other OS is so fucking secure in comparison?
It's not the OS that's insecure. It's the software stack and programs that have vulnerabilities. But even if you mean all that to be included in the term "this or that OS" you're still a fucking ignorant twat. Try writing a fucking line of code yourself you little shit.

a copypasta from 8 chon:

>Some software I was involved with developing had to undergo a security review. Little did I realize how unprepared for this event I was!
>It started off relatively benignly. I was sitting in one of the conference rooms, waiting for the external security consultant to come in. He arrived a minute or two after I had arrived.
>"Hello.", he started off. "I'm Steve and today we'll be performing a security review of the software you and your team have developed." He opened his laptop and started loading up the source code we'd provided to him earlier. He didn't even bother with any sort of friendly small talk.
>"So I see you chose C++." he said after a minute or so of looking at the code.
>"Yes, C++14.", I confirmed.
>"Unacceptable.", he stated without hesitation.
>I was slightly taken aback. "Pardon?", I asked.
>"C++ is unacceptable.", he stated.
>"We're using modern C++ techniques, including smart pointers and RAII. We also run our code through several static and dynamic analysis tools.", I explained.
>"C++ is unacceptable.", he repeated.
>We sat in silence for a couple of minutes as he continued to scroll through the code.
>"Why didn't you use Rust?", he finally asked.
>"Rust?", I replied. "We started this project before Rust 1.0 had been released. Plus our team is more familiar with C++."
>"C++ is unacceptable.", he repeated once again.

It's possible, but they're writing it mostly in their meme language so there aren't many potential users who'll remove the botnet.

It's the best option on the market right now.

>He was starting to get agitated. "Why the fuck didn't you use Rust?!" he asked once more.
>"I just explained why.", I responded.
>"Don't you give a fuck about guaranteed memory safety? Don't you give a fuck about threads without data races?", he asked loudly.
>"Well, yes, I do care about such things. But we can achieve those by using modern C++ sensibly."
>As expected, he replied "C++ is unacceptable. C++ is fucking unacceptable."
>I wasn't really sure what to do at this point. Clearly he didn't think C++ was an acceptable language to use.
>My pondering was cut short. He abruptly started screaming, "WHY THE FUCK DIDN'T YOU USE RUST?! DON'T YOU GIVE A FUCK ABOUT ZERO-COST ABSTRACTIONS?!"
>"C++ usually has zero-cost abstractions.", I pointed out.
>This sent him over the edge. His face started getting a very deep red color, and I could see he was getting extraordinarily angry. "C++ IS UNACCEPTABLE! C++ IS UNACCEPTABLE! YOU HAVE TO USE RUST! RUST IS THE ONLY PROGRAMMING LANGUAGE THAT RUNS BLAZINGLY FAST, PREVENTS SEGFAULTS, AND GUARANTEES THREAD SAFETY!"
>At this point I was starting to fear for my safety. I had read comments from Rust fanatics online, at places like Hacker News and Stack Overflow. But I had never expected these Rust advocates to be as egregiously agitated as this security consultant was.
>Noticing that the door to the conference room was slightly open, and thankful that I was sitting closer to the door than the consultant was, I made a dash for freedom. I slipped through the door, and immediately started running toward my manager's office.
>All the way I could hear the consultant screaming, "C++ IS UNACCEPTABLE! YOU NEED TO USE RUST BECAUSE IT HAS TRAIT-BASED GENERICS AND PATTERN MATCHING!"

>I quickly explained the situation to my manager, who was wondering what all of the yelling was about. He quickly dialed the office building's security team, but they must have been alerted beforehand by somebody else, because the consultant's yelling abruptly stopped mid-way through a rant about the importance of move semantics.
>To be perfectly honest, I have no idea what happened in the end. I assume the security consultant was promptly removed from the building. As for the security review of our software, I haven't heard about having to do any additional ones. Perhaps management realized that there were better uses for our time than listening to some lunatic berate us for using C++ instead of Rust.

What the fuck are you doing

I mean the kernel. It's just too big, it grows too fast, there's too much legacy code. The attack surface is just huge, and keeps increasing, and all of it is written in C.

Look: cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33

This is unsustainable.

Not like the desktop is in a better shape, many distros are behind Windows on basic security mitigations today: archive.fosdem.org/2017/schedule/event/linux_desktop_versus_windows10/attachments/slides/1730/export/events/attachments/linux_desktop_versus_windows10/slides/1730/fosdem_linux_desktop_security.pdf

It could be a good candidate. Sadly I don't think how it can gain traction unless it gains some corporate support. I'm not very optimistic about the future, I think Linux will keep dominating, they will keep partially integrating grsec code, big vulnerabilities will keep being discovered, and nothing will change. At some point, Windows and macOS will be locked down so much that they will be more secure in practice for the average user. Big cloud providers will probably start using custom hardware to ensure integrity (like Google is already doing) or more virtualization to contain attacks.

I didn't mean bloated in that sense... and the competition being bad doesn't make it good. I was talking about the kernel, but the desktop itself is in a similar situation as I've said above.

Please don't mistake me as hating Linux, I use it daily and think it's the best we have now, but I think we should strive to do better.

>behind Windows on basic security
>Windows loads fonts and scrollbars into the kernel

posting an epic funny epic greentext i found

Windows 10 no longer does: blogs.technet.microsoft.com/secguide/2017/06/15/dropping-the-untrusted-font-blocking-setting/

Microsoft is getting serious about security, and it will pay off in the long run: blackhat.com/docs/us-16/materials/us-16-Weston-Windows-10-Mitigation-Improvements.pdf

So i'm not sure what your point is with some of this. I'm probably way too brainlet to get it (actually pretty likely), but:
>muh kernel is too big!
well if it were smaller, how would it be able to keep hardware compatibility? I would think that a lot of it is drivers and code to support all the various hardware that exists, so how could you shrink it and keep its ability to work on all the stuff it can work on? I mean maybe you could get rid of support for some ancient shit, but otherwise I don't see how you could shrink it/stop it from growing.

>Windows 10 is secure
>Windows 10 sends everything you do to the CIAniggers as """telemetry""" spyware
pick one and only one.

>bloated desktop
correct me if I'm wrong, but aren't even the more bloated DEs like GNOME still lighter than Windows?
Or you referring to bloat in a suckless-type way?

this, and because it was related to Rust, which redox is written in

c-can you post more cute desu, i'll trade a nines

I'd just like to interject for a moment. What you're referring to as Linux,
is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux.
Linux is not an operating system unto itself, but rather another free component
of a fully functioning GNU system made useful by the GNU corelibs, shell
utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day,
without realizing it. Through a peculiar turn of events, the version of GNU
which is widely used today is often called "Linux", and many of its users are
not aware that it is basically the GNU system, developed by the GNU Project.

There really is a Linux, and these people are using it, but it is just a
part of the system they use. Linux is the kernel: the program in the system
that allocates the machine's resources to the other programs that you run.
The kernel is an essential part of an operating system, but useless by itself;
it can only function in the context of a complete operating system. Linux is
normally used in combination with the GNU operating system: the whole system
is basically GNU with Linux added, or GNU/Linux. All the so-called "Linux"
distributions are really distributions of GNU/Linux.

sure but lets also talk about technology shit at the same time, cause I got warnings for just posting cute boys

So how do you think a microkernel OS might affect usage from a user perspective, or the perspective of an admin? I mean there's all this talk about the philosophy of these things, and whether microkernels will be/are more secure, less performant, more modular/customizable, etc, but we never hear about how something like this might change the way we administer our systems.
What do you think?

>as if I didn't know this already and think it's bullshit in this post since we are talking about kernels.
>plus, no stallman pic
Was

i'm too brainlet on this subject desu please educate me what the difference is between a micro kernal os and a normal os

That's very true, stallman, but it may not be true permanently. There are distributions coming out now such as Alpine, which use busybox as coreutils, and musl libc. Void is also providing musl support, and Gentoo supports uclibc. It is certainly possible that there will be more situations in which a distro will replace various GNU system components with alternatives.

Although there is a reason why I somewhat agree with the idea of calling it GNU/Linux, or having some other name for this. That reason is all the retards i've seen saying "Android is actually Linux!" It certainly uses the kernel, and may have many open-source components, but it does not relate or compare to the freedom and customization of desktop/server Loonix

Well the general idea is that a monolithic kernel is one big process. It's one big thing that handles all hardware support and kernely things.
A microkernel is one where the kernel is really small, and drivers and various components are separate things which run in userland.

oh and I forgot my pic OwO

surely having software in userland directly accessing and working with hardware can be less secure desu?

well actually the idea is that it's more secure because if each component is a separate userland thing, if one part of the system gets compromised, it can't really mess with other parts. So like if some vulnerability is found in a driver, it doesn't impact the kernel itself because the driver is in userland.

Or at least that's what I've been hearing

So my point was whether this would have an impact on how the user, or more specifically an admin would interact with the system.
For all I know this would have no impact on that, and the user/administrator perspective on things would remain completely unaffected, but I have no idea because there really aren't any microkernel OSes. There's MINIX, but that's meant more for stuff like embedded, or for the Intel ME.
GNU HURD essentially dead,
Redox is way too early in development and I personally think it's a meme.
and Fuchsia isn't really out yet.

There's almost no user facing change other than possible performance overhead. It would make it easier to update individual drivers or modules but that's about it.

Basically this.
That being said AFAIK, microkernels have a great potential for being poorly efficient because they work with messages and the kernel is the middle man, referring that it handles who to send the messages to, so the receiver can solve the problem.

silly animeposters

fuchsia.googlesource.com/drivers/

BWAHAHAHAHA

so far all i can see is some "magma service driver" which i guess it the platforms equivalent of direct x or x that seems to only support some integrated intel chips

you will basically be able to do nothing with this OS except have it on phones, and that will take a massive amount of effort

the most it could be used as is a sort of Android 2.0

i'd say they wrote enough code to get the kernel and compiler off the ground and working on an intel display chip, that's certainly what it looks like

i am impressed if they genuinely have their own c compiler and kernel working off both x86 and amd64 archs

>dat license

Ok thank you
I imagine that would make a big difference in terms of keeping the system minimal and stuff. No need to compile the kernel, you could just add or remove modules without a reboot or a recompile.
How bad is the performance problem? Would it matter or be really major in today's computing world?
Also here's a boy.

i dont think it would make a difference desu like does an admin regualarly have to do things at ketnel level and if so wouldn't it make their job easier but may also make it easier for less tech illiterate people to accidently mess around with something they shouldn't my messing with

bsd 3 clause license is great for a commercial project like this, very permissive. I don't see why they'd bother writing their own c compiler?

i wonder if they have made this open source so they can let individuals work on it, buy them out mash it all together and then make it closed source imagine how much time theyd save on rnd

Performance overheard has decreased a lot from earlier designs like Mach (NeXT, OSX, Hurd) and Minix. Check out modern designs like NOVA and Fiasco.OC, or hell, Redox.

I actually gave redox a shot in a vm and its really rough right now, but kinda cool too. I think the cool thing is that they kinda have a sort of desktop GUI thing already. I would think it'd take way longer for that to happen. The performance is also not that bad from what I can tell. I dunno about CPU performance, but the RAM usage was like 400MB which is what I could probably expect from some GTK-based GNOME-looking thing they have going on, or at least that's what it appears to be.

The shell for the terminal is absolute garbage though. The tab-completion autocompletes shit in your history, rather than giving you the options you have at this point.

Also,
>girls
eww!

>compiler

all the system calls for the gcc or w/e windows/osx uses would be for their own kernel calls. the only thing they wouldn't have to write is presumably the direct translation from C to x86/arm/x64 assembly more or less

all the communication from the compiler to the kernel they'd have to write themselves. if they just used the gcc for example the binary would make kernel/sys calls that their kernel wouldn't understand

so unless they want all their applications running in wine or something like that for linux binaries they'd need to have their own compiler and devs would need to write the applications for the platform

there's a relatively complex process in bootstrapping the first compiler but yes they would need their own compiler unless they somehow had their kernel emulate windows or a linux kernel

It's their own UI library, OrbTK.

The Windows DE is actually very lightweight, GNOME uses literal orders of magnitude more memory than Windows

You sure? I'll check for myself but If that's true then I think I understand why everybody on this board seems to despise GNOME.

How do you think Wayland will affect this situation?

It's worse so far.
>GNOME is even slower
>Qt doesn't scale at all properly for hidpi and thus KDE is unusably broken
>naive scaling of XWayland windows isn't working yet so WINE shit or Steam games are unusable on hidpi
>everything else is half finished

that's a small portion of the compiler. final binary format (eg ELF which they may not re-invent), calling conventions (again go with something that exists), and finally syscalls. Fushia only has a hand full of syscalls to implement and that sort of code would be autogenerated anyways. I imagine the bulk of the work is to implement the c standard library to work with their kernel.

They don't need to port a compiler to run on Fushia, they can always cross compile from linux/amd64. I imagine they would/have ported golang and a few others though for convenience.

Writing in a safe language doesn't guarantee that it's secure, only that unexpected behavior is defined and easier to debug.

To expound on the grsec issue, spengler and his team never even attempted to submit patches to mainline so that shouldn't be a surprise at all. I'm not aware if seL4 or Fuchsia even have ASLR at all or even randomize the kernel address, so Linux is still ahead in security I would say.

Microkernels would be great to see in mobile, but in HPC and servers, while I think a lot of concepts from microkernels can be borrowed (as well as complete assurance like in seL4), minimizing performance impact from the kernel is crucial to freeing up IPC capacity for large scale applications with large amounts of hardware. Only time will really tell, and Linux will definitely be around for a while.

>spengler and his team never even attempted to submit patches to mainline
the mainline people all want patches to be broken up into smaller chunks that are simpler to add and debug piecemeal. I remember one time Linus yelled at the grsec people because not only did they not do that, their code looked deliberately obfuscated. Kees Cook is slowly bringing some grsec stuff into mainline but its rather slow going, all the more so because he has to care about avoiding regressions, which grsec didn't really bother with.

What's wrong with posix?

wth user those are some cute shotas

I use BSD/Linux, superior tools to GNU

you can't really just compile binaries and expect them to make kernel specific syscalls they don't know about.

unless you have a very robust ABI (maybe they do) that will allow their kernel to communicate with almost any binary, otherwise they'll need a compiler to ensure binary compatibility.

This. What are the issues with posix, because I haven't heard of any.

You should try Busybox/Linux aka Alpine
It's pretty gud

yes they are owo

Nothing's wrong with it per se, but it's sort of a boat anchor in terms of limiting the possibilities for new OSes.

please refrain from posting in a thread when you don't understand what is being discussed
some people need imposter syndrome to hit them much harder, you in particular

Perhaps, but there's Unix, Windows, and nothing else. Do you really think Windows was such a good idea?

I didn't think fuschia was Unix based

Yes, it was, and it continues to improve in spite of its size whereas with unix that just isn't the case. This is why instead of investing more resources, the likes of Google put forth efforts into something more futureproof. Hopefully this encourages unix programmers but that's unlikely due to very outdated and stubborn practices (again, one of the factors pushing others like google away).

I see that kind of post a lot on these types of OS threads. They say that unix needs to be replaced with a new paradigm, but they never actually say what that new paradigm is. I'd actually love to hear any ideas and chat about them.

Kees is a retard though, can't successfully implement any of the security features of grsec without causing bigger vulns.

>continues to improve
>not just layers of shit on top of literally the same unreadable code from 20 years ago

Linux kernel isn't even that big, everything people bitch about is separate modules.