1. 19

  2. 5

    Also: people who want their code to deal with cryptographic secrets and have it be timing-safe. Branch-free compilation is a step in this direction but sometimes optimization and security are directly at odds.

    1. 6

      As we’ve seen since Spectre/Meltdown, there’s also a big bad optimizer inside Intel CPUs. I feel sorry for people who need to write side-channel-free code for modern CPUs. It seems like the status quo is super fragile, and it needs a whole new approach.

    2. 7

      I have a file of jokes of mine and this one is appropriate.

      With regards to Linux kernel development practices:

      The Linux kernel, due to C, is a monument to convention.

      Absolutely none of this nonsense is necessary; it’s anti-knowledge. Imagine what operating systems would be like if people weren’t determined to use garbage from the 1970s to reimplement garbage from the 1970s.

      1. 10

        Vaporware is always much better faster and more provably correct.

        1. 2

          Windows NT and commodity clouds weren’t vaporware. Even Midori got built and deployed in the field. It turned vaporware in general market cuz Microsoft wanted nothing threatening their cash cow.

          1. 5

            True enough, nobody ever said Windows NT was better, faster, and more provably correct. But it was written in C/C++ so that probably explains both that it works and its not so good?

            1. 2

              People definitely said the user experience was better than DOS/UNIX, I don’t know if it was faster (or resource efficient) unless you’re comparing old Windows to modern Linux, and Shapiro wrote the definitive piece on its [in-]security certification. He had some vaporware himself in that which happened due to a mix of market reality for high-security OS’s and… Microsoft hiring him. Oh the irony.

              Then again, I usually think of MS Research and MS Operations (Windows etc) like different groups. MSR hired him. They do great work. MSO fucks up theirs to maximize numbers in annual reports. His essay called out MSO before being hired by MSR. So, maybe no irony even though “Microsoft” is involved in both situations.

            2. 1

              It turned vaporware in general market cuz Microsoft wanted nothing threatening their cash cow.

              Is there a reference for this being the reason? Midori was super interesting and I find it hard to find info on it outside the blog post series.

              1. 3

                I can’t remember if I have a source. This might be an educated guess. Microsoft has done everything they can with marketing, their legal team, and illegal deals to make Windows desktop and Windows Mobile (at one point) succeed against everything else. They tried lawsuits against Linux users. They pulled billions in patent royalties from Android suppliers. They’ll do anything to protect their revenues or increase them.

                Most of their profits in Windows ecosystem come from businesses that are locked in to legacy code that runs on Windows and/or consumers that want to run Windows apps. Their other software, which they cross-sell, is built around Windows. Any success of Midori threatens that with unknown positives. A turf war between the group wanting to maintain Windows and a group pushing Midori is almost certainly resulting in Midori losing.

                Further, they’d have to port their existing offerings to Midori to keep the cross-sells. Vista already showed how much they sucked at pulling off such a transition. That adds major risk to a Midori port. So, final decision by business people will be Windows is huge asset, Midori is minor asset with high liability, and they should just back Windows/.NET porting advances of Midori into it.

                That’s my educated guess based on both their long-term behavior and the fact that I can’t buy Midori.

                1. 2

                  Thanks for the response! I’m aware of the company’s history and can of course see how one can project forward to that conclusion, I just wanted to know if there was anything solid written about why the project came apart.

                  1. 3

                    I know the developers kept leaving. That’s usually a bad sign. Then, Duffy wrote this cryptic message on his blog:

                    “As with all big corporations, decisions around the destiny of Midori’s core technology weren’t entirely technology-driven, and sadly, not even entirely business-driven.”

                    Usually a sign management is being incompetent, scheming, or both.