Do we have any friends left Sup Forums...

It's literally a matter of "Which company do you trust with your data more? Your telecom, or Facebook?". There is no "This one is more secure!!" in this context.

The web was a mistake.

Time to go back to disconnected machines and sending each other textfiles on disks.

> hobbyist GNU/Linux distros like Void
and Alpine Linux
dont forget Alpine Linux

No, let's go deeper. Let's go microkernel OS. Genode looks promising

genode.org/about/index
>CPU architectures: x86 (32 and 64 bit), ARM, RISC-V
Most important of those of course being RISC-V and ARM, although x86 is also supported
>Kernels: most members of the L4 family (NOVA, seL4, Fiasco.OC, OKL4 v2.1, L4ka::Pistachio, L4/Fiasco), Linux, the Muen separation kernel, and a custom kernel.
So it will support a variety of kernels, mostly microkernels in the L4 family.

Here's a list of components it provides as of right now.
genode.org/documentation/components

A recent release note, covering a promising OS project made from the framework called Sculpt
genode.org/documentation/release-notes/18.02

wasm and asm.js might improve it a little bit

there's no going back

GUIs and "user-friendliness" were a mistake.

Microkernels piss me off. Ideally you should have a hybrid kernel where there's a monolithic kernel that's fixed in kernelspace that can be extended through modular microkernels managed by the main monolithic one. But not everything needs to be its own process. I'd completely shit all over the idea of microkernels all together if it weren't for their ability to have drivers out of kernelspace. Literally one of the only redeeming features.

Not with that attitude.

not with any attitude
you need to accept this and move on

Attached: behindthispost.jpg (491x491, 42K)

I'm still not buying your fruity toys, Pajeet.

>Microkernels piss me off.
>But not everything needs to be its own process.
I recommend you read this. It's about Minix3, but applies to microkernels as a general concept
wiki.minix3.org/doku.php?id=www:documentation:reliability

meanwhile alphabet agency backdoor systemd is

Sounds all warm and fuzzy but the more kernel processes you run, the slower it gets, and the harder it is to find and fix bugs. Microkernels are great in theory but I don't trust incompetent faggot hipsters and Pajeets not to bloat the hell out of the kernel by piling on more and more modules in hackjob workarounds for managing other kernelspace modules. You need to have a larger, monolithic type kernel core that encompasses a lot more than MINIX shit does so that you won't run into bigger problems down the line. Hybrid kernels are they way to go.

>The future is going to be OpenBSD and hobbyist GNU/Linux distros like Void on RISC hardware.
no
>Intel hardware ships with a hardware hypervisor that's incredibly difficult to disable
>AMD has a version with no workarounds.
nobody is going to pressure Intel/AMD into getting rid of them
the ME/PSP is required for DRM video playback
>Phones all have poorly isolated modems and non-free bootloaders.
nobody will pressure vendors into fixing this
>I want to see a resurgence of removable batteries and storage, and the ability to install your own software. Modularity and openness are important.
nobody will pressure vendors into doing this and it won't magically happen on its own

just give up dude, the golden age is over
it'll be better for your sanity

Lol, couldn't hide the nose.

>no
No.
>nobody is going to pressure Intel/AMD into getting rid of them
We don't have to. We're building alternative hardware. x86 is useless except for closed source legacy trash. Everything open source can and will be ported over.
>the ME/PSP is required for DRM video playback
Bull fucking shit. I stripped the IME firmware in my Intel laptop and installed Coreboot and DRM video playback works fine under Windows.
>nobody will pressure vendors into fixing this
Librem 5 raised more than double what they were asking for. It's happening. I'll do an unboxing for Sup Forums next year when I get mine.
>nobody will pressure vendors into doing this and it won't magically happen on its own
Talos II and Librem 5 are doing. The Librem 5 will have an SD slot and removable battery. It's also easy to make cheap Raspberry Pi laptops that get weeks of battery life.
>just give up dude, the golden age is over
>it'll be better for your sanity
Never.

Attached: penguin-angry-tran.1.gif (174x382, 15K)

>Sounds all warm and fuzzy but the more kernel processes you run, the slower it gets
ah yes the classic "muh performance" argument
People have been saying that shit for decades. At this point and time in technology, I'd figure processors should be more than fast enough for this to be a non-issue. Even if it is, I hear the L4 series could make this fairly miniscule (i've seen talk of only a 6% overhead, but can't confirm).
And EVEN IF all of the above is somehow wrong, are you really so fucking addicted to marginal performance boosts that you would prefer a less secure design just to keep them?
>I don't trust incompetent faggot hipsters and Pajeets not to bloat the hell out of the kernel by piling on more and more modules in hackjob workarounds for managing other kernelspace modules.
>You need to have a larger, monolithic type kernel core
so in other words,
>the project may get compromised somehow
>SO LET'S JUST GIVE UP ON THE WHOLE FUCKING CONCEPT
Also keep in mind that microkernels such as seL4 go through a rigorous formal verification process. It's not going to get compromised like that, and faggot hipsters would be scared away anyhow.

>i've seen talk of only a 6% overhead
that's with L4 + Linux as a single monolithic server
>muh performance
performance still matters

I have only one word for you: systemd.

>performance still matters
Then why in the fuck would you use OpenBSD, an OS that is notorious for being worse-performing than other similar OSes

Also, nice job not responding to the rest of the post

I have five for you: Not relevant to this conversation

Is Alpine GNU? I thought it was just Linux, no GNU

there is a package or two in the vanilla, and there are about ~50 packages in the vanilla version, so it's about from 2/50 to 3/50 GNU but you can replace the packages or install new to make it more or less GNU. I removed GNU acct but installed GNU less because the less of busybox didn't work with git diff.

Genode is also GPLv3 and the developers eventually want to make it usable for low latency multimedia. They're really missing only a few parts that aren't currently on the roadmap:
>Firefox or QtWebEngine ported for a good browser
>a good journaling or log structured filesystem for bulk storage (F2FS, ext4, XFS, NILFS2, etc.)
>drivers for AMD, Broadcom (RPi), and Vivante (i.MX) GPUs
>NFS and/or CIFS clients
Between those and some more USB drivers (printers, audio, midi) you've got the basis for a heck of a desktop OS with Qt as the native toolkit.

but I don't think the distro itself labels itself "GNU", most of the initial packages come under non-copyleft licences. And it's less bloated than typical GNU distros.

>Firefox or QtWebEngine ported for a good browser
That'd be nice. A modern web browser is pretty essential these days for an OS to be usable.
would be neat if they could get QtWebEngine or *webkit working on there.
>a good journaling or log structured filesystem for bulk storage (F2FS, ext4, XFS, NILFS2, etc.)
no chance of BTRFS/ZFS?
oh well
>drivers for AMD, Broadcom (RPi), and Vivante (i.MX) GPUs
These are a necessity. although i'm honestly surprised that it even has the intel driver.
Also, It's cool that they actually may have sound working, at least according to the component list. That's more than I can say for minix3 (I tried it recently)
>NFS
YES

>no manpages

QtWebKit already works. In a few releases Arora or some other browser should be packaged.

Also I just thought of the last big one: OpenVPN.

I'm going to make an anchor baby.

Alpine is great for containers and VMs. I wouldn't want to use it for my desktop though.

you can install them if you want
Why not? It works for me but I only code and browse.

Not many packages, and you also can't run widely distributed binaries without also installing gnu libc or sandboxing which kind of defeats the purpose.
I mostly use void on my desktop systems and I find that regular "apps" tend to "just work" a lot more often.

>ah yes the classic "muh performance" argument
How's that kind of thinking working out for Intel? People are pissed because the patches have like a 20% performance hit. When someone buys hardware and/or software, they expect it to work as advertised forever without drastic performance hits due to some Pajeet-tier optimization problems.

> are you really so fucking addicted to marginal performance boosts that you would prefer a less secure design just to keep them?
The performance boost from the "less secure" hybrid design would initially be quite small. But that's not why I'd do it. I'd do it because the hybrid kernel design prevents any potential future bloat from having as great of an impact, and it makes it easier to hunt down bugs in the most vital parts of the code, which will be in that core monolithic-like kernel module. It just makes sense.

>the project may get compromised somehow
>SO LET'S JUST GIVE UP ON THE WHOLE FUCKING CONCEPT
That's not what I'm saying. You'll bitch about security, but then turn around and refuse to acknowledge the preemptive security edge you get with the hybrid design. You're too busy beating your dick to the instant gratification you'd get from absolutely modular design, but you aren't planning ahead. The kernel isn't just made for today, but for today and tomorrow. Start with a sane kernel design, because an overhaul of the kernel down the road will fuck up lots of other programs, maybe even with just one module being changed. A hybrid kernel will either bypass or soften the impact of such issues.

OpenBSD works fine on everything, including a 200MHz SGI MIPS toaster I have. I don't know where you're pulling that information from. I use it because it's somewhat secure, and the devs are sane and reasonable human beings.

It's very relevant. It shows how lots of modular services and applications can be bundled back up into one big ball of shit if permitted in the OS design (or lack thereof).

Attached: 1516083634999.png (680x788, 145K)

(1/2)
>How's that kind of thinking working out for Intel? People are pissed because the patches have like a 20% performance hit. When someone buys hardware and/or software, they expect it to work as advertised forever without drastic performance hits due to some Pajeet-tier optimization problems.
That's kinda part of my point. The Intel vulnerabilities, from my understanding, were caused by Pajeet-tier optimization, without regard for safety. Yeah people are pissed about the performance hit, but the chips shouldn't have been designed that way in the first fucking place.
>The performance boost from the "less secure" hybrid design would initially be quite small. But that's not why I'd do it. I'd do it because the hybrid kernel design prevents any potential future bloat from having as great of an impact, and it makes it easier to hunt down bugs in the most vital parts of the code, which will be in that core monolithic-like kernel module. It just makes sense.
ooh boy let's break this down
>The performance boost from the "less secure" hybrid design would initially be quite small
right, so why do it?
>But that's not why I'd do it
ok...
>I'd do it because the hybrid kernel design prevents any potential future bloat from having as great of an impact
I fail to see how a hybrid design would have any advantage here. It feels like you just pulled this out of your ass.
>and it makes it easier to hunt down bugs in the most vital parts of the code, which will be in that core monolithic-like kernel module
Ok this is the most retarded part. So you're talking about the most vital parts of the code, which are assumed to be the kernelspace code. That makes sense because once you control the kernel, you control everything.
But how in the holy mother of Stallman's foot cheese does a hybrid kernel design make it easier to hunt down kernelspace bugs than a microkernel design?

(2/2)
>That's not what I'm saying.
Then what were you saying?
>You'll bitch about security, but then turn around and refuse to acknowledge the preemptive security edge you get with the hybrid design.
What is this "preemptive security edge" meme with the hybrid kernels? I call bullshit
>You're too busy beating your dick to the instant gratification you'd get from absolutely modular design, but you aren't planning ahead
No, i'm beating my dick to the security benefits of the microkernel design.
>The kernel isn't just made for today, but for today and tomorrow. Start with a sane kernel design, because an overhaul of the kernel down the road will fuck up lots of other programs, maybe even with just one module being changed.
Didn't we start this whole conversation talking about Genode? That's a common OS framework that works across various different microkernels. Why would an overhaul fuck your shit up, when you can literally swap out the entire kernel for a different one, interchangeably?
Because there's not as much going on in kernelspace, there's not as much for programs to hard-depend on.
>A hybrid kernel will either bypass or soften the impact of such issues.
It will do the opposite. Because there is more happening in the kernel itself, there is more for programs to depend on. Thus, if the kernel needs an overhaul, you're more likely to be fucked.

>OpenBSD works fine on everything, including a 200MHz SGI MIPS toaster I have. I don't know where you're pulling that information from.
To be fair, it may have been over-exaggerated. Also, I sadly don't remember where I saw it.
>I use it because it's somewhat secure, and the devs are sane and reasonable human beings.
Good for you. Seems rather comfy!

Attached: dicks.jpg (620x452, 32K)

you use void with glibc or musl?

>I fail to see how a hybrid design would have any advantage here. It feels like you just pulled this out of your ass.
The monolithic piece of the kernel (or kernel core) can regulate other modules as services, and sort of act as a supervisor. You might argue that this is less secure, as you essentially have one piece that controls the other stuff in kernel space. But hear me out. You still get the extensibility and portability of a microkernel, but it also comes with the advantage of forcing a certain design on the system. You force certain key services to be implemented in the big kernel, and then the little kernels, or services, can be run elsewhere, be that in kernel and/or user space. You get tighter control over the ecosystem as a whole this way.

It's hard to explain, and I unfortunately don't have a good open source hybrid to display what I'm talking about. I've only seen this in proprietary embedded systems that I didn't develop. Imagine in Linux you had the kernel itself forcing certain services provided by systemd to be run instead as extensions of the kernel itself, and disallowing the big ball of shit approach by design. Because at least then, you have these services integrated more tightly with the kernel, and little baby Poettering can't come along and fuck your shit up.

Attached: 121826136284.png (500x388, 92K)

cont.

>But how does a hybrid kernel design make it easier to hunt down kernelspace bugs than a microkernel design?
They'd be easier to hunt down with in the core monolithic kernel only, but would still provide the same debugging challenges found in other microkernels when fixing the other modules. At least you'd have a base/core that's easier to debug, with the added stuff I mentioned above.

>What is this "preemptive security edge" meme with the hybrid kernels?
You Poetter-proof it, basically.

>Why would an overhaul fuck your shit up, when you can literally swap out the entire kernel for a different one, interchangeably?
I want to make it so that it fucks things up. I'd be doing it on purpose. I want the kernel to have a somewhat fixed design. A pure microkernel OS is too modular. It's good to have a mix between the two design concepts.

>Because there's not as much going on in kernelspace, there's not as much for programs to hard-depend on.
REEEEEEE stop abstracting all the things.

This is frustrating as all fuck because I know what I'm talking about here, but with no good way to articulate it and no examples to show. And I can't write a kernel in one night to prove my shitposting right.

Attached: the cuckest.png (620x388, 430K)

I tried alpine but there is so little documentation. If you got a problem the arch wiki might not be able to help you.

I'm getting tired of this argument, so i'll just keep it short-ish. A lot of what you're talking about seems very contradictory or look like terrible ideas on the surface, mainly the part about forcing systemd to run as a kernel extension (because of course we all want poetteringware to run closer to the fucking kernel).
In this second post, you don't explain why having a bigger kernel would be easier to debug than a smaller one, which is ultimately what this boils down to from what I can see. You just kinda seem to say that it is, deal with it.
Shit gets weird a bit later, when you say that you WANT it so that an overhaul would fuck things up. I thought for damn sure you were complaining about that as if it was a bad thing, but I guess I was mistaken.
>REEEEEEE stop abstracting all the things.
REEEEEEE stop using operating systems based on the UNIX philosophy.

...In all seriousness though, I think this might be the big issue between us on this. I want more isolation, more separation of components and shit like that. I want things to be interchangeable and modular. Kernel is fucked or just full of legacy shite? Just swap in a new one, and it won't force programs to have to be rewritten or modified!
You seem to have an issue with this level of abstraction. I still am unsure of why that is, but it looks like you still want to hang on to some monolithic-ness in the system, which due to the fact that I don't really buy your systemd kernel extension argument, just seems like a less secure system.

I'm sure you've got some good ideas that i'm just not getting, and it would be nice if there were some real examples of what you're talking about, but I think for now we'll just agree to disagree. Was fun chatting with ya. I might actually check out some *BSD stuff since you brought it up earlier.

I'm going to try to write a kernel now.

Attached: 1519696515205.jpg (250x250, 6K)

I wish you luck