Linked by Thom Holwerda on Tue 30th Aug 2011 17:29 UTC, submitted by Dale Smoker
OSNews, Generic OSes "What would an operating system look like it if were redesigned with security in mind? Joanna Rutkowska thinks she has the answer with the development of Qubes OS. We sit down for an interview with Joanna to discuss the way Qubes OS augments security."
Thread beginning with comment 487799
RE: Secure OS?
by said1 on Wed 31st Aug 2011 13:47 UTC in reply to "Secure OS?"
said1
Member since:
2011-08-31

Talking of Unix-like OSes as "Designed for Security" is a true oxymoron. Sandboxing and in-depth code reviews à la OpenBSD don't help you very much when you have millions of lines of code running in kernel mode.
A far better choice would be a formally verified microkernel like seL4, where you don't even need that heavy sandboxing to properly isolate applications.

Reply Parent Score: 1

RE[2]: Secure OS?
by renox on Wed 31st Aug 2011 14:20 in reply to "RE: Secure OS?"
renox Member since:
2005-07-06

I agree with you, but 'better' is too strong; don't forget that seL4 has quite a few drawbacks too:
1- the formally verified seL4 is much younger than OpenBSD.
2- it is proprietary: its source code isn't available.
3- to properly isolate applications on seL4 you don't need "heavy sandboxing", OK, but I think that you need to use "capability" APIs: the number of applications which use such APIs is much smaller than the number of POSIX/OpenBSD applications.

Reply Parent Score: 2

RE[3]: Secure OS?
by said1 on Wed 31st Aug 2011 21:11 in reply to "RE[2]: Secure OS?"
said1 Member since:
2011-08-31

I agree with you, but 'better' is too strong; don't forget that seL4 has quite a few drawbacks too

Sure, and it has far more drawbacks. Even if you can build something similar on top of "vanilla" (ehm... Pistachio) and open-source L4, whose security affinity, even if not formally verified, is light years from monolithic kernels, it dramatically lacks whatever is needed for a barely usable OS.
It is a matter of concept: Linux, *BSD, with all the security bells and whistles enabled such as PaX, W^X, SELinux and so on... I'd rather call them all "Adapted for Security" rather than "Designed".

Reply Parent Score: 1