The Genode project released the fourth version of their Sculpt operating system, subtitled as “Community Experience”. The background of this slogan is the project’s ambition to remove the need for any middleman between developers and users. In contrast to today’s mainstream OSes, which rely on trusted distributions or app stores, Sculpt works completely federated. The integrity of the installed software is protected by digital signatures of the respective software providers while each piece of software is sandboxed both at installation time and at runtime. This way, users don’t need to be faithful but enter a position of ultimate control. This is capability-based security at work!
As explained in the accompanying blog posting, Sculpt CE features an new user interface to integrate software into the running system and to reveal the trusted computing base of each component.
Without a middleman between software providers and users in Sculpt OS, there is the obvious question: How can a user find software? The Genode project tries to answer this question with their community blog called Genodians.org started earlier this year. It gives Genode developers a way to announce new software while users can share their perspectives and ideas. Just like Sculpt OS, the content of Genodians.org is managed in a federated fashion.
Sculpt CE is available as a ready-to-use disk image bootable from a USB stick. The release is accompanied with comprehensive documentation that covers both the use the system and the philosophy behind it.
This release is a perfect example of what I love about Genode! After years of steadily building their OS Framework from experimental foundations into a robust platform, in 2018 they turned their attention to creating “Sculpt” as a general-purpose, end-user-focused system. Each release has incrementally improved the situation, but this one (“CE”) takes it to a new level.
The “Live Component Graph” is a novel concept, that shows each running component in the system along with the connections between them, updated in real time. Clicking on a component shows some info about the component’s resource usage, allows you to remove it, but now also highlights its trusted computing base!
But the biggest addition is the Depot concept that Norman talks about, which allows run-time software installation (from multiple sources) and configuration, in a friendly but powerful way. Again, they have approached the problem from a different direction, with a surprisingly clean but flexible result.
There is still a long way to go, but this release is definitely the time for OSNews types to check it out! (Norman didn’t mention it, but there is also a VirtualBox “appliance” on the downloads page, for those of us without supported hardware.)
I recommend reading the “Genodians” article first (https://genodians.org/nfeske/2019-03-19-sculpt-ce), which is very brief, just to get an overview. The main “Sculpt CE” article (https://genode.org/documentation/articles/sculpt-ce) is longer, but it is easy to follow, and combines an quick overview of the system design with a tutorial for getting started.
Then check out the new “Genodians.org” site, which has everything from helpful hints for beginners, to in-depth technical articles, to progress updates from third-party community members (does the Haiku userland atop Genode sound interesting?).
(P.S. If this sounds like an advertisement, it isn’t. I have no relationship with Genode Labs except as a hobbyist and enthusiast. I am bored and depressed by the state of most of the computing world, and as far as I can tell, Genode offers the best hope for the near future, with the combination of clean, trustworthy design, open software principles, cross-platform support, and excellent project management.)