Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Europe Funds Secure Operating System Research

kdawson posted more than 5 years ago | from the software-heal-thyself dept.

Operating Systems 376

narramissic writes "A Dutch university has received a $3.3 million grant from the European Research Council to fund 5 more years of work on a Unix-type operating system, called Minix, that aims to be more reliable and secure than either Linux or Windows. The latest grant will enable the three researchers and two programmers on the project to further their research into a making Minix capable of fixing itself when a bug is detected, said Andrew S. Tanenbaum, a computer science professor at Vrije Universiteit. 'It irritates me to no end when software doesn't work,' Tanenbaum said. 'Having to reboot your computer is just a pain. The question is, can you make a system that actually works very well?'"

cancel ×

376 comments

Sorry! There are no comments related to the filter you selected.

Wait a second... (5, Funny)

Anonymous Coward | more than 5 years ago | (#27743003)

I thought Windows was secure. Why not use that? *cough* *cough*

Re:Wait a second... (4, Insightful)

4D6963 (933028) | more than 5 years ago | (#27743011)

I thought Windows was secure. Why not use that? *cough* *cough*

I thought OpenBSD was secure. Why not use that?

Re:Wait a second... (0, Redundant)

polar red (215081) | more than 5 years ago | (#27743027)

I thought Windows was secure. Why not use that? *cough* *cough*

I thought OpenBSD was secure. Why not use that?

I thought DOS was secure. Why not use that?

Re:Wait a second... (2, Funny)

Zumbs (1241138) | more than 5 years ago | (#27743051)

I thought Windows was secure. Why not use that? *cough* *cough*

I thought OpenBSD was secure. Why not use that?

I thought DOS was secure. Why not use that?

I thought stone tablets were secure. Why not use them?

Re:Wait a second... (-1, Flamebait)

aliquis (678370) | more than 5 years ago | (#27743267)

I think I'd rather use Windows than Minix even if Minix would be more secure ..

Re:Wait a second... (3, Funny)

Anonymous Coward | more than 5 years ago | (#27743321)

I think I'd rather get raped by a polar bear than use Windows. It hurts much less.

Re:Wait a second... (0)

Anonymous Coward | more than 5 years ago | (#27743373)

I think I'd rather use Windows than Minix even if Minix would be more secure ..

Then hand in your geek-card and don't let the door hit you on the way out.

kthxbye

Re:Wait a second... (3, Funny)

Anonymous Coward | more than 5 years ago | (#27743043)

I though Minix was dead for some 15 years....

Re:Wait a second... (2, Insightful)

Anonymous Coward | more than 5 years ago | (#27743093)

It is. This is just some researchers grabbing fund money. Nothing will come from this.

Re:Wait a second... (1, Funny)

Anonymous Coward | more than 5 years ago | (#27743125)

It was. Appearantly Tanenbaum is renaming Minix to Lazarus as we speak. In a non-related story A.T. is renaming himself to Jesus.

Why would you think Minix was dead? (5, Funny)

jonaskoelker (922170) | more than 5 years ago | (#27743367)

I though Minix was dead for some 15 years....

Did netcraft confirm it?

Re:Why would you think Minix was dead? (0)

Anonymous Coward | more than 5 years ago | (#27743395)

Netcraft wasn't even founded as Minix was already dead

Re:Why would you think Minix was dead? (2, Interesting)

AHuxley (892839) | more than 5 years ago | (#27743477)

Did SCO confirm it?

Re:Wait a second... (2, Informative)

Z00L00K (682162) | more than 5 years ago | (#27743447)

Minix did get an reputation of being unstable some 20 years ago, but of course - much have happened since then.

The more interesting thing is that Minix has a different architecture than Linux using a microkernel. This is in some ways a good idea, even if it also have disadvantages.

Re:Wait a second... (1)

Lord Bitman (95493) | more than 5 years ago | (#27743531)

Why don't we all just use HURD, then?

Re:Wait a second... (4, Interesting)

xouumalperxe (815707) | more than 5 years ago | (#27743239)

I guess the idea is less about creating an all around well-built system that's pretty secure in practice, and more about creating something that, even if it might have implementation bugs today is fundamentally, conceptually more secure.

Re:Wait a second... (1, Insightful)

Jurily (900488) | more than 5 years ago | (#27743487)

more about creating something that, even if it might have implementation bugs today is fundamentally, conceptually more secure.

So they're dropping C?

Re:Wait a second... (4, Interesting)

Hurricane78 (562437) | more than 5 years ago | (#27743599)

That was my thought too. If you want to do it right, why not program it in Haskell in the first place. Sure, it might be a little bit slower (not even much actually). But if you go for security, that's not that important anyways.

Now how they will solve the PEBKAC problem, if they end up with a TCPA-like system (in the original intended way of protecting the user, not protecting from the user) and what they will do against tricks like remotely reading computer input, the inevitability of programming errors and bios virii, is a completely different question.

Re:Wait a second... (4, Interesting)

Jacques Chester (151652) | more than 5 years ago | (#27743403)

The sad thing about Windows NT is that the design was pretty good, the implementation was OK, but the default security policy is totally useless. Hooray for backwards compatibility.

My Windows WAS secure (0)

Anonymous Coward | more than 5 years ago | (#27743545)

Until I plugged the network cable in!

A very good question (3, Insightful)

oneirophrenos (1500619) | more than 5 years ago | (#27743009)

The question is, can you make a system that actually works very well?

I'm glad someone finally got to asking this question.

Re:A very good question (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#27743021)

What a useless post. Researchers have been trying to answer this question for years.

Re:A very good question (2, Funny)

aliquis (678370) | more than 5 years ago | (#27743295)

10 print "no"
20 goto 10

Re:A very good question (2, Interesting)

u38cg (607297) | more than 5 years ago | (#27743109)

You can. It just requires well defined inputs and outputs and to run on certified hardware. Software, heal thyself? There's a reason self-modifying code is frowned upon. Besides, is kernel reliability really an issue these days? Even the Windows kernel only really crashes when you feed it bad memory.

Re:A very good question (4, Informative)

Chrisq (894406) | more than 5 years ago | (#27743161)

Software, heal thyself? There's a reason self-modifying code is frowned upon. Besides, is kernel reliability really an issue these days? Even the Windows kernel only really crashes when you feed it bad memory.

They are actually talking about things like driver isolation with monitoring and restarts. The answer to whether kernels are stable enough depends on your requirements. I find that I am much less forgiving when my DVD player crashes and doesn't record the film I have set than when my computer crashes, though both are now very rare events. Monitoring, isolation and restarting is used in things like engine management systems, where failures are even less welcome and a full OS with this level of reliability is bound to have applications in medicine, industry, "defence", etc.

Re:A very good question (1, Insightful)

Anonymous Coward | more than 5 years ago | (#27743247)

The problem with driver isolation is that it's a layering violation given most today's PC hardware.

A broker driver can crash/corrupt not just the device it's on but the complete machine.

Also, in my experience if the driver bug crashes the entire machine, it's more likely to be fixed.

Re:A very good question (5, Informative)

Vanders (110092) | more than 5 years ago | (#27743303)

The problem with driver isolation is that it's a layering violation given most today's PC hardware.

That depends on how you've designed things, I guess. "Today's PC hardware" (& yesterdays for that matter) has always provided 4 protection ring levels, but very few OSes have ever made use of more than 2 (1 for the kernel, one for userspace). You could certainly put drivers in a higher ring than the kernel and allow them to only have limited access to memory, just as you do with a user-space application.

Re:A very good question (1, Funny)

aliquis (678370) | more than 5 years ago | (#27743287)

The question is, can you make a system that actually works very well?

I'm glad someone finally got to asking this question.

The answer is, it seems: Yes! [wikipedia.org]

Sometimes (2, Interesting)

HarryatRock (1494393) | more than 5 years ago | (#27743445)

I have been trying to answer that question for more than 40 years, and I can say the answer is :: sometimes. The trouble is you need lots of money (i.e. man hours + very good kit + a very well defined problem + lots of testing), unfortunately experience shows that when you get all of that, the system is obsolete by the time you hand it over to the user. It's better to aim for good enough.

The 1980s called... (5, Insightful)

Viol8 (599362) | more than 5 years ago | (#27743017)

.. they want their funding back.

Seriously , I thought minix had been put out to pasture years ago.

Also what are 5 people going to manage that entire corporations and thousands of OSS developers failed to do in the last few decades? Ok , one of them might be the next Alan Turing and surprise us all but I won't hold my breath.

Re:The 1980s called... (5, Insightful)

FourthAge (1377519) | more than 5 years ago | (#27743069)

The aim is not to produce a better operating system, the aim is to secure funding. This is what academics actually do; good research is (at best) a byproduct. This is business as usual for a research group. The real research will be a low priority, because the group will need to satisfy the EU bureaucracy that they are doing something worthwhile. Consequently, most of their time will be spent writing reports.

Bear in mind that ideas like "self healing software" are buzzwords that you put on research proposals in order to get them accepted. See also: "cyber-physical systems", "multicore paradigms" and "sensor networks".

Re:The 1980s called... (1)

giorgist (1208992) | more than 5 years ago | (#27743401)

HEY ... "sensor networks"is cool,
the rest ... is just used mouthwash

EU Burocracy... (5, Informative)

js_sebastian (946118) | more than 5 years ago | (#27743511)

The aim is not to produce a better operating system, the aim is to secure funding. This is what academics actually do; good research is (at best) a byproduct. This is business as usual for a research group.

Not really. The purpose is doing the research you are interested in doing (even if it's just for your career ambitions). For that you need funding. So of course you have to do some marketing to sell the research you want to do to the people deciding whom to fund. You think this guy has been doing MINIX for 20 years just to get funding? It's the other way around, you get funding, to be independent and have people work for you so you can get some interesting stuff done. Or, if you are more cynical, he's working on MINIX because it generated enough interest that he could get a ton of publications out of it.

The real research will be a low priority, because the group will need to satisfy the EU bureaucracy that they are doing something worthwhile. Consequently, most of their time will be spent writing reports.

From my experience this is a bit of an exaggeration. It's true that EU-funded projects have more strings attached than those from many other funding sources, but running the burocracy/reports/financials for an EU project that is funding 3 full time people at our university still only takes a rather small percentage of my time.

And that's a lot more freedom to do real research than in any company environment i've seen or heard of so far. Big companies (even the good ones) have IMHO more bureaucracy, not less, and short-term horizon (want returns in 3, 5 years at the most), which means very little of what is called "research and development" has anything to do with research.

Re:The 1980s called... (4, Insightful)

Zumbs (1241138) | more than 5 years ago | (#27743077)

The point may not be to build the next big $SUPER_DUPER_OS, but to try out some new ideas and concepts for better and more robust OSs in a very controlled environment. If they get good results, the ideas may be integrated into the kernal of those other OSs, hopefully improving the quality of the OS.

Re:The 1980s called... (0, Flamebait)

mrphoton (1349555) | more than 5 years ago | (#27743083)

Along the same lines as the above post.... What a waste of my taxes. I am getting fed up of hearing about cash going to dubious research projects. There are some big problems to be solved out there for example reducing mans dependence on fossil fuels and reducing the damage they cause our planet. Why are we wasting cash on this dubious project?????

Re:The 1980s called... (1)

Vanders (110092) | more than 5 years ago | (#27743103)

There are some big problems to be solved out there

Yeah, like making computer software that doesn't fail.

Re:The 1980s called... (5, Insightful)

Chrisq (894406) | more than 5 years ago | (#27743177)

Along the same lines as the above post.... What a waste of my taxes. I am getting fed up of hearing about cash going to dubious research projects. There are some big problems to be solved out there for example reducing mans dependence on fossil fuels and reducing the damage they cause our planet. Why are we wasting cash on this dubious project?????

Many PHD students will feed back what they learned into industry on graduation. Its called education, and it is not a waste of money even if Minix 3 is not the next best OS. Some things that come out of it will almost certainly be used.

Re:The 1980s called... (0)

daem0n1x (748565) | more than 5 years ago | (#27743375)

Yes, because everyone should stop everything that we're doing in this exact moment. Why should we be growing crops when we have the global warming to fight against? Let's fight global warming, when we are finished we can think about all the other pesky things, like food.

Re:The 1980s called... (5, Insightful)

VoidCrow (836595) | more than 5 years ago | (#27743185)

That tendency of unimaginative geeks to piss all over ideas that aren't actually in front of them and in use at that point... It's loathsome and saddening.

Re:The 1980s called... (0)

Anonymous Coward | more than 5 years ago | (#27743355)

That tendency of unimaginative geeks to piss all over ideas that aren't actually in front of them and in use at that point... It's loathsome and saddening.

Why limit this statement only to "geeks"? I'm pretty sure it's more generally applicable.

What ideas? (1, Insightful)

Viol8 (599362) | more than 5 years ago | (#27743417)

All I can see is some buzzwords and them waffling about microkernels - a 1970/80s concept if ever there was one which so far has proved less than impressive in the real world.

Re:The 1980s called... (4, Informative)

PhotoGuy (189467) | more than 5 years ago | (#27743461)

I remember Minix. Before there was Linux, Minix was around. It was my first exposure to a Unix-like operating system on a PC. It was surprisingly lean and elegant and Unix-like. I still have the box of floppies. I remember recompiling and modifying the operating system. It was indeed quite a powerful tool, and I dare say an important precursor to Linux.

(When I first heard about Linux, I had incorrectly assumed it was an evolution of Linux.)

I see a lot of people bashing Minix here; I don't think it will replace Linux by any means, but it is an important historical OS, IMHO.

Wiki notes (about Linux):

In 1991 while attending the University of Helsinki, Torvalds began to work on a non-commercial replacement for MINIX,[13] which would eventually become the Linux kernel.

Linux was dependent on the MINIX user space at first. With code from the GNU system freely available, it was advantageous if this could be used with the fledgling OS.

Re:The 1980s called... (0)

Anonymous Coward | more than 5 years ago | (#27743595)

Please do. It doesn't seem like you brushed today.

MINIX guy (5, Informative)

4D6963 (933028) | more than 5 years ago | (#27743031)

said Andrew S. Tanenbaum, a computer science professor at Vrije Universiteit

It sounds intentionally misleading to present them as "a computer science professor" when he's the one MINIX guy.

Re:MINIX guy (1, Redundant)

sigxcpu (456479) | more than 5 years ago | (#27743085)

I agree.
Just to put things in the right context here is a link to the famous Tanenbaum-Torvalds debate.
http://oreilly.com/catalog/opensources/book/appa.html [oreilly.com]

Re:MINIX guy (1)

mu22le (766735) | more than 5 years ago | (#27743219)

I agree.
Just to put things in the right context here is a link to the famous Tanenbaum-Torvalds debate.
http://oreilly.com/catalog/opensources/book/appa.html [oreilly.com]

ehi come on!
every self respeting geek has already read it 10 years ago, and it's not like Tanenbaum never did anything else but that flame war.

Mini3 is a very interesting open source OS and I can only be happy it has received some founding and wish the project the best luck.

Even more misleading (5, Informative)

EmTeedee (948267) | more than 5 years ago | (#27743337)

...is to call this news. The grant was received in November 2008! (see http://www.minix3.org/news/ [minix3.org] )

Re:MINIX guy (1)

rdtripp (1057564) | more than 5 years ago | (#27743449)

Fooled around with Minix a couple years back. It appears to be a great teaching tool and I can see where it would be a versatile concept development platform. With Andrew S. Tanenbaum (duh, the guy that developed the OS) spearheading this project I see possibilities. He seems to just the type ornery old non-conformist b*astrd that could possibly pull it off. Hell, he makes most of us liberal open source microsoft-baiting pinko commie linux lovers (just flamed myself to save time) look conservative.

What's the point? (2, Informative)

seeker_1us (1203072) | more than 5 years ago | (#27743033)

All respect to Andrew Tanenbaum, I'm not trying to troll. It's a sincere question.

He has said Minix was to be a teaching tool.

Now they want to turn it into a super reliable OS?

I don't think it's to make it into another production OS. Could it be in order to develop new OS concepts and ideas which can be spread out to the world?

Re:What's the point? (0)

Anonymous Coward | more than 5 years ago | (#27743159)

It would be way better to start with NetBSD as a foundation to build upon.

However, this has nothing to do with making something or researching. It is just to secure funding. All available time will be spend writing reports to satisfy the funding agency. There will be no time (nor motivation) to do actual work.

Welcome to academia.

Re:What's the point? (4, Insightful)

MrMr (219533) | more than 5 years ago | (#27743179)

Yes, imagine that: A professor trying to teach students how to implement something new and potentially useful rather than clicking ok in the 'solve my problem' wizard.

Re:What's the point? (1, Informative)

Anonymous Coward | more than 5 years ago | (#27743209)

He said that about the original Minix and somewhat less so v2. The current version, Minix 3, is a different beast.

Re:What's the point? (4, Interesting)

MichaelSmith (789609) | more than 5 years ago | (#27743405)

Back when Linus started to write his kernel the debate between monolithic and micro kernels still made some sense. But now more features and drivers are being written for linux and it is getting bigger and more bloated. Functions are being put into modules but that only solves half of your problem because a module can still bring down the kernel.

I think AST was right. Linux can't continue to use a monolithic architecture.

Re:What's the point? (3, Informative)

slabbe (736852) | more than 5 years ago | (#27743441)

From www.minix3.org "MINIX 1 and 2 were intended as teaching tools; MINIX 3 adds the new goal of being usable as a serious system on resource-limited and embedded computers and for applications requiring high reliability"

Re:What's the point? (4, Informative)

EMN13 (11493) | more than 5 years ago | (#27743491)

It's also a research OS - the aim isn't to make minix the next best thing, the aim is to research self-healing OS software by using minix as a test platform.

Most good production software takes a good look at similar software to imitate the best features of each - this isn't a competition between minix and linux, it's testing a feature is a simpler (and thus cheaper) fashion.

What about OpenBSD (0, Troll)

quinks (1172373) | more than 5 years ago | (#27743041)

Not content with starting a flaming shitfest by anonymous declaration with Linus Torvalds (who managed to get where Tanenbaum wanted to be fifteen years ago), Andrew S. Tanenbaum, a computer science professor at Vrije Universiteit, decides to start a flaming sitfest by anonymous declaration with Theo De Raadt. (who is where Tanenbaum wants to be in fifteen years with this project)

Sounds like an idealist (1)

wamatt (782485) | more than 5 years ago | (#27743063)

I don't see this taking off to be honest. Minix was always a research toy. There is too much momentum in Linux. But what it might do is spur some ideas that get incorporated into the likes of Linux or BSD etc.

Oh gawd , not microkernels again *yawn* (0, Troll)

Viol8 (599362) | more than 5 years ago | (#27743065)

How many times is this old chestnut going to be tossed around?

MS tried a microkernel with NT and its HAL. It didn't really work very well. Most Unix varients don't even bother to try. Perhaps thats the whistle to the cluetrain that Tanenbaum really should listen out for. I can't help thinking he's still a bit cheesed off that Linux took all the glory from Minix and is now trying to up the ante and present minix as a serious OS. Sorry mate, you're 15 years too late, you had your chances and lost - stick to the teaching.

Re:Oh gawd , not microkernels again *yawn* (0)

Anonymous Coward | more than 5 years ago | (#27743105)

Yeah cause it certainly doesn't work for OSX... oh wait.

Re:Oh gawd , not microkernels again *yawn* (1)

Vanders (110092) | more than 5 years ago | (#27743119)

OS X is as much a microkernel as Windows NT I.e. it isn't one.

Re:Oh gawd , not microkernels again *yawn* (0)

Anonymous Coward | more than 5 years ago | (#27743253)

What about beos?

Re:Oh gawd , not microkernels again *yawn* (1)

Vanders (110092) | more than 5 years ago | (#27743313)

BeOS isn't a micro kernel either, and nor is Syllable. Both use message passing heavily in user space but that's a different beast.

Re:Oh gawd , not microkernels again *yawn* (0, Offtopic)

thaWhat (531916) | more than 5 years ago | (#27743187)

I had this thing called an Amiga. While the upper echelons could muster the folding for an '030 or an '040 (hence task-protection and memory management), the rest of us had to make do with the occasional guru-meditation. Either way, a massive hard-disk partition was not necessary (I agree, however, it was helpful). Don't dismiss minix. If AmigaDos could boot to a fully-functional desktop from a floppy, why can't minix?

C:

Re:Oh gawd , not microkernels again *yawn* (1)

CRCulver (715279) | more than 5 years ago | (#27743501)

Was Amiga really a fully-functional desktop? Did it have full Unicode support? In today's global world, support for many languages and scripts displayed simultaneously is vital, but multibyte does tend to add to the size of applications, meaning that a complete system on a floppy can no longer be considered realistic.

Re:Oh gawd , not microkernels again *yawn* (4, Insightful)

Chrisq (894406) | more than 5 years ago | (#27743215)

How many times is this old chestnut going to be tossed around?

MS tried a microkernel with NT and its HAL. It didn't really work very well. Most Unix varients don't even bother to try.

I think you are right at the moment. I am not sure that you will still be right when processors are 256-core or greater. I think that at some point the overhead of microkernals will be made up for by utilisation of greater parallelisation.

Re:Oh gawd , not microkernels again *yawn* (0)

Anonymous Coward | more than 5 years ago | (#27743389)

Minix is a teaching operating system. It doesn't do anything else. Tannenbaum said so, years ago. I use a half-useful microkernel OS years ago (AmigaDOS), but it tended to be unstable. There are other ones around, but they suffer from message passing bottlenecks. A self healing system? What happens when the self-healing mechanism fails? If its like the human body, they call it cancer.

Re:Oh gawd , not microkernels again *yawn* (1)

Viol8 (599362) | more than 5 years ago | (#27743429)

Given that one of the main reasons for microkernels is to seperate dodgy drivers from the kernel and hence improve stability - it doesn't say much for the implementation of amigaDOS if it kept crashing!

Re:Oh gawd , not microkernels again *yawn* (1)

Vanders (110092) | more than 5 years ago | (#27743499)

AmigaOS couldn't separate anything from anything because it didn't have memory protection, which it didn't have because the original hardware (Motorola 68000) didn't have it. Then once MMUs became available in newer CPUs (68030/040/060) the OS couldn't be changed because applications relied on it.

Re:Oh gawd , not microkernels again *yawn* (0)

Anonymous Coward | more than 5 years ago | (#27743451)

"Sorry mate, you're 15 years too late, you had your chances and lost - stick to the teaching."

clearly some one/folks with $3.3 million thought differently

In related news, Linux missed the desktop chance (1)

jonaskoelker (922170) | more than 5 years ago | (#27743537)

I think it's very interesting that if you go RTFA (yeah, I'm new here), you can read the related headline[1]:

"Desktop Linux: Why it may have lost its chance"

I think the dear AST is up to no good...

[1]: http://www.itworld.com/open-source/67022/desktop-linux-why-it-may-have-lost-its-chance [itworld.com]

Minix was created by A. Tannebaum & Students f (1)

kubitus (927806) | more than 5 years ago | (#27743089)

teaching OS design.

You could buy the whole documentation in X honking thick binders from www.heise.de - maybe you still can.

Andrew favors a modular approach to the kernel while Linus favors the integrated kernel.

Both have their merits ( and arguments )

Maybe something comes out of it!

Tanenbaum? (1, Informative)

Norsefire (1494323) | more than 5 years ago | (#27743117)

He's the guy that argued with Torvalds back in 1992, right? The one who claimed that "Linux is obsolete" and Torvalds should "[b]e thankful you are not my student. You would not get a high grade for such a design." (link) [google.com]

Therefore, I'm not inclined to listen to anything he has to say about kernels/operating systems.

Re:Tanenbaum? (0)

DNS-and-BIND (461968) | more than 5 years ago | (#27743269)

Duh, that was when Torvalds himself was working on linux, before the community got behind it.

In addition, your attitude is closed-minded.

Re:Tanenbaum? (5, Funny)

Ragzouken (943900) | more than 5 years ago | (#27743273)

Actually he said: "Be thankful you are not my student. You would not get a high grade for such a design :-)" the :-) is important.

Re:Tanenbaum? (5, Insightful)

miketheanimal (914328) | more than 5 years ago | (#27743329)

Has anyone noticed how more and more stuff gets moved from the Linux kernel into user space these days; FUSE is a good example. History may record that, broadly speaking, Tanenbaum was corrent and Torvalds was not. Anyway, I assume you are saying that since Linux has been so much more successful than Minix, we must listen to Torvalds and ignore Tanenbaum? On that basis, we should listen to Gates and ignore Torvalds!

Re:Tanenbaum? (0, Offtopic)

Norsefire (1494323) | more than 5 years ago | (#27743497)

I would listen to Bill; Windows is a success (nefarious means aside). I would listen to Jobs. I would listen to Torvalds. But I would not listen to someone who is only well-known for being wrong. His stance on where operating systems and kernels are heading hasn't proven to be correct in the past and as he hasn't made any remarkable breakthroughs since then so I see no reason why that would change.

I shudder to think what the outcome would have been if Linus *was* his student. Would there still be Linux?
What projects-with-potential *has* he stifled through his ignorance? We will never know.

A self-repairing OS? (2, Interesting)

cpghost (719344) | more than 5 years ago | (#27743121)

Actually, it's not such a bad idea. The concept of putting important components in user-space has been around for a while, and it still has potential w.r.t. reliability. But the real question is: are only microkernel architectures capable of self-healing?

Re:A self-repairing OS? (5, Insightful)

Jacques Chester (151652) | more than 5 years ago | (#27743397)

No, but dividing things into smaller pieces makes it easier to fix those pieces in isolation. It's easier for a microkernel system to be self-healing because of that isolation.

This is not an amazing revelation. We've known about the idea of isolating changes since the invention of the sub-routine. The reason microkernels have always been relegated to second-best is that they require more context switching than a regular monolithic kernel. The tradeoff between "fast enough" and "reliable enough" has for some time now favoured "fast enough".

But that's changing -- people's computers are getting plenty fast. The 10-15% slowdown Tanenbaum claims for Minix3 is less of a drag than, say, an anti-virus program and could serve to more effectively prevent viruses into the bargain.

People who say microkernels are passe forget our industry is not set in stone. Priorities change and technologies change with them. In the last 10 years performance has become progressively less important than reducing bugs or speed of development. Microkernels have lots to offer in such a world.

Linux is Obsolete! (4, Funny)

fishexe (168879) | more than 5 years ago | (#27743129)

Now that Minix 3 is here, Linus can take his monolithic kernel and stuff it! Microkernels are the wave of the future, man!

Re:Linux is Obsolete! (0)

Anonymous Coward | more than 5 years ago | (#27743189)

Andrew, is it you?

Linux is obsolete (1)

horza (87255) | more than 5 years ago | (#27743133)

According to the professor, it should soon make Linux obsolete [dina.kvl.dk] .

Phillip.

Re:Linux is obsolete (3, Funny)

fishexe (168879) | more than 5 years ago | (#27743257)

"Of course 5 years from now that will be different, but 5 years from now everyone will be running free GNU on their 200 MIPS, 64M SPARCstation-5."

Man, remember back in '96 when we all got SPARCstations? Those were the days.

Re:Linux is obsolete (1)

ciderVisor (1318765) | more than 5 years ago | (#27743309)

Hahaha. I'm completely new to this debate (yeah, I know - what a n00b !). Has Tanenbaum ever withdrawn his arguments in the light of experience ? Has he ever thrown up his hands and said "You know, I was just plain wrong. Mea culpa." ?

Anyone who remembers the climate in microcomputers at that time can kind of appreciate where he was coming from but the landscape has changed so much (if you'll allow me a little metaphor-mixing) since then that most of his points have either been soundly refuted or shown to be overly cautious/conservative.

Re:Linux is obsolete (1)

MichaelSmith (789609) | more than 5 years ago | (#27743459)

Hahaha. I'm completely new to this debate (yeah, I know - what a n00b !). Has Tanenbaum ever withdrawn his arguments in the light of experience ? Has he ever thrown up his hands and said "You know, I was just plain wrong. Mea culpa." ?

Anyone who remembers the climate in microcomputers at that time can kind of appreciate where he was coming from but the landscape has changed so much (if you'll allow me a little metaphor-mixing) since then that most of his points have either been soundly refuted or shown to be overly cautious/conservative.

Since the landscape has changed AST can hardly be said to have been wrong at the time. But anyway the landscape is changing towards lightweight embedded systems. Linux is a better fit in that environment than Vista, but a smaller, more modular kernel would be an even better fit.

Re:Linux is obsolete (2, Insightful)

AVee (557523) | more than 5 years ago | (#27743471)

Hahaha. I'm completely new to this debate (yeah, I know - what a n00b !). Has Tanenbaum ever withdrawn his arguments in the light of experience ? Has he ever thrown up his hands and said "You know, I was just plain wrong. Mea culpa." ?

No, why should he? Because Linux is more popular then minix? I'd guess most people here should start sending Mea Culpa's to Microsoft...

nostalgic (0)

Anonymous Coward | more than 5 years ago | (#27743163)

Maybe I'm just a bit nostalgic but why isn't it mentioned that a early version of Minix* inspired Linux*?

*: http://en.wikipedia.org/wiki/Linux#MINIX
*: http://en.wikipedia.org/wiki/MINIX

Minix 3 source code (3, Informative)

Jacques Chester (151652) | more than 5 years ago | (#27743217)

I'd recommend people take a look at the source code for Minix 3. It's actually pretty easy to wrap your head around, even for a C-phobic person like I am.

System security is only half the rent (2, Insightful)

Opportunist (166417) | more than 5 years ago | (#27743243)

The other is user security. And you cannot solve that problem with technology.

The circle you have to square here is that the user/admin should be allowed and able to run his software, but at the same time he must not run harmful software. Now, how do you plan to implement that? Either he can run arbitrary software, then you cannot identify security risks before it is too late. Or he cannot run software that is a potential security risk and he is no longer the master, owner and root of his own machine.

Oh, you want a system where the user can generally do his work but has to ask for special privileges when he wants to install new software or change security critical settings? Where have I heard 'bout that before... hmmm...

Re:System security is only half the rent (2, Informative)

Jacques Chester (151652) | more than 5 years ago | (#27743347)

The Singularity project at MSR looked at this problem in a different way. What if each piece of software carries a protocol specification? What services it will require, in what order?

Then you can do various clever things involving proving that the system won't do anything malicious. If the software tries to do something outside of its specified protocol, then zappo, it's gone. This has the nice side effect that you don't need to rely on hardware memory protection and therefore you don't have to pay context switches. Singularity's process startup and kill times leave everyone else for dead.

But Singularity only works because of language features and requires you to do everything in a conforming language (Spec#). Probably the most meaningful predecessor was Oberon.

Minix has a better chance of working in the "real world" because it takes a less all-or-nothing approach to the problem. For instance, Minix3 is coded in C, which is fast but unsafe. But Minix supports a lot of POSIX and could conceivably add Linux emulation as a module, whereas Singularity requires you to rewrite everything to enjoy the guarantees.

Tanenbaum makes the further point that no matter what you prove, software has bugs. If you isolate the bugs you reduce their cost. If you simplify recovery from failure you reduce their cost still further. A microkernel approach does just these things and so would presumably be more reliable on a per-line-of-code basis than a monolithic kernel.

Re:System security is only half the rent (1)

MamieNova (697622) | more than 5 years ago | (#27743381)

Windows Vista ?

Hooray! (5, Funny)

Cornwallis (1188489) | more than 5 years ago | (#27743297)

2009 will finally be the Year of the Minix Desktop!

I'm really getting old (1, Interesting)

udippel (562132) | more than 5 years ago | (#27743311)

This is what I thought when I read the post. It really smells as if the poster, narramissic, had not been around when microkernels and minix were fashionable. And neither was the person to allow for it to show on slashdot.

Let's call the minix discussion flogging a dead horse, until these chaps have come up with something real. If they manage to come up with something that is close to the beauty the idea of microkernels has on paper.

perhaps their work will inspire (4, Interesting)

ei4anb (625481) | more than 5 years ago | (#27743323)

I remember submitting some patches to them many years ago when I got Minix working in less that one megabyte of RAM (at the time Minix worked at 1Mb and up) and thinking that it would be nice if it were GPL and if I had the time...
As I recall some guy in Finland did have the time

How about JIT in the Kernel? (1)

bertok (226922) | more than 5 years ago | (#27743393)

I was just thinking recently about Microsoft's Singularity research operating system written in C#, which is cute, but somewhat useless in the real world. One big advantage though of statically verifiable byte-code languages like C# in operating systems though is security, because you can ensure a block of code is secure once and then run it at full speed without further access checks. That's almost impossible with generic C or assembler, but tractable with bytecode-based languages like Java or C#.

While a *pure* C# operating system is a bit nuts, why not allow a *hybrid* operating system? Simply create a variant of the Java or C# runtime that can execute inside the Kernel at Ring 0, and only allow verifiably safe code to run. You get the benefit of a high level garbage collected language with all the safety checks that are normally enforced by the user-space/kernel-space seperation, but with none of the overheads.

This would have been impossible some years ago, because most operating system kernels weren't properly preemtible, and Windows on 32-bit had all sorts of pre-allocated buffer size limits, but all of that has been solved or has gone away with 64-bit.

I can't think of any reason this wouldn't work. Keep in mind that the typical device driver might be written by some minimum-wage code jokey in Taiwan or China who's got a "Kernel Programming for Dummies" book on his desk. I'd rather have him working in a language that can be verified safe, instead of a language that comes with a whole array of guns to shoot all of your feet off.

Minix reincarnation (1)

lzdt (1335879) | more than 5 years ago | (#27743427)

"The current version of MINIX 3 (3.1.2) is a work in progress. It is nowhere near as mature as FreeBSD or Linux right now."
Yau, Minix is not dead, micro kernels are /better/ than this monolithic retires and with your definitions of "near" you'd better promote yourself for the oxford english dictionary editor.

Windows? (1)

lzdt (1335879) | more than 5 years ago | (#27743515)

As a big windows fan boy I feel pretty lousy: THERE ARE ONLY 2 SUPPORTED GAMES: adventure and tic tac toe!
Ughh, don't you also think that at least 85% of the user base of a successful OS are minesweeper and solitaire overlords?

Security metrics (1)

dp_wiz (954921) | more than 5 years ago | (#27743521)

aims to be more reliable and secure than either Linux or Windows

Why not both?

- How it goes?
- We can't yet beat Linux security so we should market as "more secure than Windows".
- Okay. Compile, ship.

So? (0)

Anonymous Coward | more than 5 years ago | (#27743559)

Europe funds a great many things, a lot of them completely irrelevant. What makes this one special enough to end up on /.? Is mentioning that horrible Dutch bastard of a professor (try reading one of his books without wanting to kill yourself) all it takes these days? Or is it the fact that "minix" ends in X?

Doesn't anybody think the hardware is the problem? (4, Interesting)

master_p (608214) | more than 5 years ago | (#27743581)

The real reason there is no security and that we have the monolithic vs micro kernel is that CPUs provide process isolation and not component isolation. Within a process, CPUs do not provide any sort of component isolation. If they did, then we would not have this discussion.

I once asked Tanenbaum (via email, he was kind enough to reply) why CPUs do not have in-process module isolation. He replied:

From: Andy Tanenbaum [ast@cs.vu.nl]
Sent: Ðáñáóêåõ, 1 Öåâñïõáñßïõ 2008 4:00 ìì
To:
Subject: Re: The debate monolithic vs micro kernels would not exist if CPUs
supported in-process modules.

I think redesigning CPUs is going to be a pretty tough sell.

Andy Tanenbaum

But why? I disagree with that for two reasons:

1) the flat address space need not be sacrificed. All that is required is a paging system extension that defines the component a page belongs to. The CPU can check inter-component access in the background. No change in the current software will be required. The only extra step would be to isolate components within a process, by setting the appropriate paging system extensions.

2) The extension will require minimal CPU space and CPU designers already have great experience in such designs (TLBs, etc). Money has been invested for less important problems (hardware sound, for example), so why not for in-process components? it will be very cheap, actually.

Of course, security is not only due to the lack of in-process component isolation, but it's a big step in the right direction...

$3.3 million for 5 years? (1)

Exitar (809068) | more than 5 years ago | (#27743585)

It doesn't seem a lot to me...

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>