Posts by Cem Ayin

Re: Linux is not an OS

The polemic untertone of the TS and the downvotes he's received in turn nonwithstanding, his statement is factually true: Linux is not an OS, it's a component of an OS, a kernel. And that is not just a nitpick: it is the real reason why "Linux" was never widely adopted on the desktop.

For (leaving Android aside for the moment) "Linux" in the usual sense of the word, namely: the Linux kernel plus the GNU userland tools (and a few others) is in reality a /family/ of OSes, all of which are closely related enough to look "mostly the same" from the (Unix/Linux nerdy) end-user PoV but which in reality present a bewildering variety of ABIs that makes packaging /commercial/ applications for "Linux" a chore, particularly where end user apps with a GUI are concerned. And one which doesn't yield an attractive remuneration either, as, most software that is being used on GNU-Linux being FOSS, the average Linux nerd expects commercial applications on "Linux" to be cheaper rather than more expensive as compared with Windows and OSX. For a commercial developer "Linux" thus means: more effort for less ROI, or in other words: "Nah, not worth it"...

However, no OS can ever thrive on FOSS end user applications alone. That is a hard fact of life. And this is why "Desktop Linux" has remained a niche product. Sure, lately we've seen a plethora of novel packaging schemes where each application has to provide its very own userland runtime environment, either directly or by pulling in dependencies, the only viable option for portable applications in the Linux environment, apart from linking the whole damn thing statically on an ancient kernel version. But it's all too little, too late and still too balcanised to stand a real chance of becoming a game changer.

And there's another problem: There are use cases that require specific hardware drivers the implementation of which must remain a trade secret, such as operating high-end audio hardware, which is all but impossible in a GPL-licensed monolithic kernel. For high-performance GPUs at least, solutions exist, but I suspect those are only being tolerated because even the most radical GPL-Taliban want a good FPS-game from time to time...

Thus it turns out that the licensing (which created the distro balcanisation as well as the driver problem) is indeed responsible for both the success of "Linux" (in the server room) and its dismal failure (on the Desktop).

And Android? Well, Android does not have problem #1, as it is factually a proprietary OS (with a FOSS core component, just like OSX) and problem #2 is not really relevant on a smartphone, where you cannot swap out the GPU or attach an external high end audio interface. Which proves my point.

Feel free to vent your frustration by downvoting me, but know that it ain't gonna change a thing...

Re: "Isn't that the *nix philosophy"

You have it backwards: it is not the component-based design of the Unix UI as such that is to blame. Quite the contrary: reusable components are an efficient and highly successful concept. Where the age of the Unix shell(s) is showing is the poor way of "glueing" the components together: by passing all data as strings, which requires serialisation and parsing to be implemented over and over again - which in turn means asking, if not begging, for trouble.

(If only I had a $ for every quoting error I've encountered in my professional career...)

Hate to say it, but the PowerShell is the one thing that Microsoft did get right in terms of OS interface design.

Re: Amoeba

The concept of capability-based access control well pre-dates the Amoeba system, see the following links containing some examples dating back to the 70's:

http://cap-lore.com/CapTheory/KK/OperatingSystems.html

https://en.wikipedia.org/wiki/Capability-based_security

(Mr. Hardy's link collection lists a number of systems that are not strictly speaking capability-based, see his notes on the individual links.)

Also, since this is a British forum, it might be appropriate to especially point out the Plessey System 250 (which was not just an OS but a capability-based hardware architecture with an OS to match):

http://www.cs.washington.edu/homes/levy/capabook/Chapter4.pdf

"Which part about dealing with MCAS was removed from the manuals 30 years ago? And at which moment the electric trim was re-enabled with MCAS worsening the situation?"

The reference is (obviously) not to a method for "dealing with MCAS" but to the "roller coaster" technique of recovering from a severe mistrim.

As for the de-activation of stab trim cutout, this appears to have happened around 5:43:11 when electric ANU trim was recorded, only to be followed by disaster when at 05:43:20 the stabilizer briskly started moving in AND direction again in response to auto trim input. Possibly the FC tried to flip only the left cutout switch back to "normal" in a desperate attempt to re-enable electric trim without re-engaging MCAS, a misconception that might have arisen from the different functions of the two cutout switches on prior 737 models (where the right cutout switch would disconnect the auto-pilot input only while leaving electric trim engaged).

See the following references:

https://theaircurrent.com/aviation-safety/vestigal-design-issue-clouds-737-max-crash-investigations/

https://www.satcom.guru/2019/04/what-happened-on-et302.html#more

https://www.satcom.guru/2019/04/stabilizer-trim-loads-and-range.html

Re: Hey, Iran

"Keeping in mind the rules of al-Shura (people's consultancy) in Islam, which is quite equivalent to democracy (but isn't the same though), a regime (and especially its ruler) can't be despotic and lay a claim to being Islamic at the same time."

I appreciate your sense of humor. So the Ummayads, the Abbasids, the Seljuqs, the Fatimids, the Ilkhans, the Ottomans, the Mughals and a few other, less important or even mentionable islamic dynasties right down to the Saudis and, of course, the current rulers of Iran have all, without exception, been - your words - "misrepresenting Islam to stay in power"? So Islam has basicly been constantly "misrepresented" ever since its inception? And as for those precious few upright true believers who represent the "real" Islam this leaves us with... the Qarmatians maybe???

I'll drink to that!

OT: 613 Commandments

As the old joke goes: When Moses came down from Mt. Sinai, the people were asking him: "Now, how did it go?" And Moses replied: "Not too bad - I managed to get him down to 613."

Re: So classic way to find an exploit.

"""

1) Read what the manual says a Windows function can do and will allow

2) See if its parameter checking stops you from doing whatever you want.

3) Check next function.

"""

I dont think anyone could have found this particular vuln using the above receipe. The problem here ist not insufficient validation of input to a privileged system function - as I read the article (and the linked explanation) it's rather a game of "spot the unintended side effect":

%SYSTEMROOT%\Tasks allows any authenticated user to create files there [NT AUTHORITY\Authenticated Users:(RX,WD)] and some system utility can be coaxed to change this file's permissions without checking if it isn't really an alias pointing elsewhere (say, a system library...) => game over :(

The problem is more akin to the classical "Unix /tmp-race" class of vulnerability. And now that this can of worms has been opened on Windows also, I would not be suprised if there was still more to be had where this particular vuln came from.

(If one absolutely wanted, one could of course subsume the creation of a file under "user input" to a "function" and checking for aliases in world-writeable directories under "parameter checking" but for my taste that would be stretching the meaning of those concepts a bit far.)

Re: Possible deadly flaw - compromised software

"For a closed source implementation (eq most Windows programs) there is a danger that a deliberately weakened random number generator is used."

The very same problem exists for FOSS-code, even assuming it has been thoroughly audited. Consult the search engine of your least mistrust about "Reflections on Trusting Trust". As for the countermeasure proposed by Wheeler I'm not sure about its practicality in real life, given the various nondeterministic bits of compiler output; in any case it is (A) a rather involved procedure and (B) it would miss trusting-trust-style attacks targeting other system binaries or those performed at the firm- or hardware level.

Re: Anything we should steal ? - Definitely

"Like OS/400 and AIX?"

OS/400 (now "IBM i") is the other commonly cited OS that provides a single level store, and AFAIK the only one still in active commercial use today. (Aegis and KeyKOS are two other, now defunct, examples that I remember OTTOMH.)

AIX OTOH is IBM's homegrown (SysV-based) implementation of Unix and while certainly providing mmap(2) & friends I am not aware that it has a single level store. Not that it would be impossible to implement a POSIX-ish OS on top of an OS based on a SLS (it has, in fact, been done: Domain/OS), but to my knowledge AIX is basically SysV with the usual set of BSD extensions as well as IBM's very own bells and whistles added.

Note that a "single level store" means more than just the ability to mmap files (I had mentioned mmap only as a /very loose/ Unix-analogy); in fact such a system does not have a "file system" in the usual sense of the word at all - just a large, usually segmented, address space or object store that is transparently being made persistent by the OS through writing out dirty pages to permanent background storage as needed.

No need for file I/O to keep data persistent, /that/ is the key point.

FWIW, the concept appears not to be entirely "dead"; while searching Multics references I stumbled on this paper

http://repository.cmu.edu/ece/370/

but I have not yet had time to really digest it. And then there is of course "The Machine", or rather, with quite a bit of luck there will be one day... although "memory centric computing" - while also being built around a persistent main memory is a different and more far-reaching concept altoghether.

BTW, another Multics nicety that I had forgotten in my original post is the fact that Multics segements containing executable code could (being mapped into the address space all the time anyway) be directly invoked and the interface for doing so was IIRC provided and standardized by the OS, thus leading to implicit cross-language compatibility of executable code. No need for FFIs and stuff.

Re: Sniff sniff

"I smell another transgression by the Chinese Government."

Sending millions of users' digital family silver to a single well-known server, apparently without certificate pinning? Using plain old DES in the mix? I know one should never underrate the power of human stupidity, but frankly I'd expect Chinese surveillance agencies to make a better job of it. Actually, I think even North-Corea would do a better job these days...

Re: Woo Hoo!

"Will this mean my VMS skills will be useful again? Wonder if they will implement a version of JCL (job control language) that was really powerful stuff."

You seem to confuse VMS with MVS. Or DCL with JCL.

They use what's already there, I suppose

"I always wonder why Android needs to go in to devices like this?"

It says "off-the-shelf smartphone tech", so most likely they are using ARM-SOCs originally designed for smartphones. And Android is what already runs on these devices, any flavour of GNU/Linux would probably have to be ported first (ARM-SOCs don't adhere to the same hardware interface standards that commodity x86-systems do).