Security is more important than performance (finally)

Andrew S. Tanenbaum, Jorrit N. Herder, and Herbert Bos: Can We Make Operating Systems Reliable and Secure? (via /.)

"Current operating systems have two characteristics that make them unreliable and insecure: They are huge and they have very poor fault isolation. The Linux kernel has more than 2.5 million lines of code; the Windows XP kernel is more than twice as large. ... Fortunately, the situation is not hopeless. Researchers are endeavoring to produce more reliable operating systems. Here we address four different approaches that researchers are using to make future operating systems more reliable and secure, proceeding from the least radical to the most radical solution."

You may recognize the name Andrew Tanenbaum: he disagrees strongly with Linus Torvalds (creator of Linux) about operating system kernel design. Specifically, he advocates microkernel-based operating systems, while Linux uses the traditional (and, as we're finding out with modern operating systems, troublesome) monolithic kernel design.

I found all of the proposed designs very interesting. One of them comes from Microsoft Research, which I think is great news. It's too bad Windows is such an immovable force that it will take a decade or two to make fundamental changes to Microsoft's core OS, but at least the effort has begun.

Written on May 8, 2006