Linked by Hadrien Grasland on Fri 14th Jan 2011 14:58 UTC, submitted by Debjit
GNU, GPL, Open Source "Steve Chang, the Chairman of Trend Micro, has kicked up a controversy by claiming that open source software is inherently less secure. When talking about the security of smartphones, Chang claimed that the iPhone is more secure than Android because being an open-source platform, attackers know more about the underlying architecture."
Thread beginning with comment 458460
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[10]: So what code is secure?
by moondevil on Sun 16th Jan 2011 22:17 UTC in reply to "RE[9]: So what code is secure?"
moondevil
Member since:
2005-07-08

Then please take some time to read about Oberon operating system:

http://www-old.oberon.ethz.ch/WirthPubl/ProjectOberon.pdf

The Spin operating system
http://www-spin.cs.washington.edu/

The Inferno operating system, which is partially programmed in Limbo
http://code.google.com/p/inferno-os/

The Microsoft Singularity project
http://research.microsoft.com/en-us/projects/singularity/

The Java Sqwak VM is mainly written in Java and runs on bare metal
http://labs.oracle.com/projects/squawk/

Just to name a few well known projects in the area of operating system research.

Edited 2011-01-16 22:18 UTC

Reply Parent Score: 2

Neolander Member since:
2010-03-08

The fact that some people do have coded OSs in C# or Java in practice does not necessarily means that it is a good practice as a whole. I mean, I'm sure that some people have also written OSs in BASIC in the past just for the fun of it...

Unless, of course, there's a way to write some heavily stripped-down C#/Java code, without all the management overhead, for the lowest-level parts. I think I've read somewhere that it's what Singularity does. But that more or less voids the point of using those languages at all, in my opinion, since you'd get something like C(++) with a slightly tweaked syntax. In fact, it's even a bad idea, since it gives developers a false sense of security, and frustrates them when they realize that the simplest features of such languages are library-based.

Removing all the useless features which make mainstream desktop OSs gigabyte-large + stripping down kernels to the point where their sole task is to manage user processes + testing vital components heavily would be simpler and more effective, in my opinion.

Edited 2011-01-17 08:46 UTC

Reply Parent Score: 1

moondevil Member since:
2005-07-08

Well at least Oberon and Inferno do have commercial users, so some people do think that they perform well enough for their tasks and are willing to pay for them.

http://www.vitanuova.com/inferno/
http://www.oberon.ethz.ch/partnerships/index

Maybe you should talk with their users and tell them how dumb they are to invest money in such OS.

Reply Parent Score: 2