Chinese Military Wants to Develop Custom OS

Citing security concerns, the Chinese military wants to replace Windows with its own custom operating system:

Thanks to the Snowden, Shadow Brokers, and Vault7 leaks, Beijing officials are well aware of the US' hefty arsenal of hacking tools, available for anything from smart TVs to Linux servers, and from routers to common desktop operating systems, such as Windows and Mac.

Since these leaks have revealed that the US can hack into almost anything, the Chinese government's plan is to adopt a "security by obscurity" approach and run a custom operating system that will make it harder for foreign threat actors -- mainly the US -- to spy on Chinese military operations.

It's unclear exactly how custom this new OS will be. It could be a Linux variant, like North Korea's Red Star OS. Or it could be something completely new. Normally, I would be highly skeptical of a country being able to write and field its own custom operating system, but China is one of the few that is large enough to actually be able to do it. So I'm just moderately skeptical.

EDITED TO ADD (6/12): Russia also wants to develop its own flavor of Linux.

Posted on June 6, 2019 at 7:04 AM • 65 Comments

Comments

Vesselin BontchevJune 6, 2019 7:35 AM

1) Brand new OS == brand new vulnerabilities, unless the Chinese have figured out how to produce complex software that's bug-free.

2) When (not if) the Five Eyes find a vulnerability in it, there will be absolutely no need to reveal it to the industry; they would exploit it with glee.

So, while they certainly can do it, I don't think that this will turn out being a smart idea for the Chinese...

OS DeveloperJune 6, 2019 7:43 AM

"Normally, I would be highly skeptical of a country being able to write and field its own custom operating system [...]"
It doesn't take a country to write an OS. Making is less vulnerable than what exists already would be the real challenge.

IrritatedJune 6, 2019 7:47 AM

I'd be surprised if they don't do a SELinux flavor - it's not as if they'd be forced to release the source if they keep it to themselves - but they'd probably be wary of it, given its origins

wumpusJune 6, 2019 8:07 AM

Petre Peter: we don't know that. That is true for North Korea, but China would be much more capable of rolling their own OS. The security consensus here appears to be that rolling your own introduces bugs more easily exploited security issues than dealing with US or OSS software that may have intentionally introduced security issues.

We'll have to wait and see what China makes.

Frank WilhoitJune 6, 2019 8:30 AM

O, to be a fly on the wall in the meetings where each line of the new OS is reviewed for conformance with Xi Jinping Thought.

HowAboutSaving_NotDestroyingJune 6, 2019 9:03 AM

It's not really a laughing matter to me.

I see the entire computer science industry and it's derivatives at risk of total destruction due to massive devolving into malevolent hacking and malware supersaturation. When this happens, unless prevented, nothing will work as intended, and most devices and services will fail. What I'm talking about would be independent of the IoT (internet of "things") problems, but will probably be made worse by such arbitrarily pushed trends.

So if anybody anywhere wants to prevent the wholesale loss of all of the benefits of digital technologies, I'm ok with that. It's not like the malevolent hackers and malware makers are going to provide any of us with healthy alternatives that work for us and not just for them.

But of course, what works for malevolence will fail too; that's the idiocy of it all; eventually it will all be compromised and infected and failing. And of course, for those of us living in places where the gear runs too much of our lives, lives will still be at risk--sometimes less, sometimes more.

Hacked self-driving vehicles and hacked life-support systems and hacked ventilation systems and hacked railway systems and hacked planes and helicoptors and hacked military drones doesn't seem like a good idea to me. Death is death is death.

The hackers seem to act as if nothing they do adds up to anything other than their own gains. They don't realise that they are collectively building the end of civilization, burning down every town from every direction.

The multimedia companies and politicians alike waste our time chasing non-existent foreign terrorist invaders and immigrants. The real threats to America (and the UK, etc) are all right here in America. The crazy dangerous foolish types here in the states don't give a damn--they are true 5150's thru and thru.

Again, anybody who wants to build a more resilient system shouldn't be mocked. There could be a trickle-down effect or better. America looks like it's about to get knocked down by it's own sociopaths. Whoever is left standing who isn't a perpetraitor is worth knowing, as well as their hypothetical non-broken tools.

Nevermind 'Huawei' the sensationalism, what matters is "heiwa" (="peace").
Deeper issues are still brewing.

IrritatedJune 6, 2019 9:15 AM

"Again, anybody who wants to build a more resilient system shouldn't be mocked."

I doubt China will be sharing its resilient system with us - at least, not willingly.

FaustusJune 6, 2019 9:44 AM

@ HowAboutSaving_NotDestroying

"The multimedia companies and politicians alike waste our time chasing non-existent foreign terrorist invaders and immigrants."

Oh HowAbout, don't you realize that the hacker apocalypse narrative is no different than than terrorist narrative? They are one and the same.

Don't confuse security industry advertising for reality. Of course, the industry would love people to be terrified and run to their products and services. The authoritarians would love to use this opportunity to surveil us and limit our rights. This is a much greater danger than hackers.

How have hackers actually affected you or people you know directly? If you are like most people, not very much. But surveillance today is determining how you are perceived by government, business, landlords, medical insurance and even potential dates. It is the much more significant danger.

If you went to Russia or wherever and met these "malevolent hackers" you would find them more like Google employees than bank robbers. Google, Facebook et al buy the government before stealing from us. Otherwise they don't differ much from the "criminals". And the fact they have embedded themselves in government makes them the much greater danger.

Denton ScratchJune 6, 2019 10:18 AM

"Custom" sort-of suggests that it's a customized version of an OS that already exists. The ZDNet article says they're not basing it on Linux; t5he implication is that they're building it from scratch. that seems pretty dumb.

We already invented wheels; they're round things with bearings. If you invent them anew, you'll just get round things with bearings, but they won't work so well until you've spent a coupla decades finding and fixing the bugs.

WinNT included architecture and code taken from VMS, and modern versions of Windows are loaded with code taken from WinNT. Much of Linux is based on ideas (and often direct code lifts) from SystemV, Xenix, Berkely Unix, SCO, and other early 80s versions of Unix.

There may be some value in redesigning everything from scratch; it's really hard to debug antique burnt-on cruft. But I wouldn't count on seeing a useable product for a couple of decades - especially if the project is being run by a bureaucracy like the Chinese Military. Most successful, innovative software projects are produced by small teams, working with minimal management interference. That's not really the PRC way :-)

uh, MikeJune 6, 2019 10:52 AM

Thanks to UTF, Variable names will contain ideographs. Kind of like emojis in your code.
NSA will have to hire Chinese speakers to hack China.

Nameless CowJune 6, 2019 11:04 AM

@Denton Scratch

> the implication is that they're building it from scratch. that seems pretty dumb.
>
> We already invented wheels;

That's not necessarily a dumb decision. The code base may be new, but the design (and elements of it) need not be. They get to benefit from the experience of Linux and other OSes, so "new" is not the same as "untested". By starting from scratch, they can tailor the scope to exactly what they need, and have the freedom to exclude baggage in other OSes that has accumulated over time. Complexity is a big hindrance to security. By not having to meet the needs of very diverse users, they have an opportunity to adopt simpler designs. Since it's their own design, there may be less pressure to add lots of features to it, and do it quickly. To me, that is conducive to more careful and thoughtful design and implementation.

RealFakeNewsJune 6, 2019 11:45 AM

I disagree that it takes a nation to develop an OS, and I further disagree that it would take decades.

The other issue is that operating systems like Windows are general-hardware capable. This is quite a different proposition to developing an OS built for specific hardware.

I'd argue that to improve security, several things need to happen:

1) The OS is more hardware specific, and fewer generalities or assumptions are made lower down

2) The idea that "the current way" isn't viewed as "the only way"

3) The design can benefit from heindsight and as such careful analysis of classes of compromise (buffer overflow, priviledge escalation, memory leaks) can have in-built and ENFORCED checks at all levels within the software, which will then necessitiate new research and attacks.

To think the *nix way is the only way, or that it requires a massive country to write an OS, is frankly arrogant in the extreme.

OtterJune 6, 2019 11:55 AM

If any organization assigned a bunch of people to read Schneier on Security, and take notes, they would gather enough information on _known_ problems, weaknesses, malware, misconfigurations, sloth, and so forth, enough to successfully harden most *nixes ... maybe even Windows. Bruce Schneier is not the only security expert blogging in public.

If "Chinese Hackers" are only a tenth as clever as Anglo-sphere politicians like to bewail, they already know most of the existing security breaches. They can find more. They also know about USB drives.

Debian Linux and Microsoft Windows are poor examples for military OS. They are burdened with legacy. A military OS does not need to support 'Mine Sweeper', thousands of hot video games, millions of infected apps, whatever chips and components your corner OEM happens to find cheapest this week.

A military OS will be stripped down, matched to a few controlled harwares. And it won't display kittens.


The People's Liberation Army is no longer a horde of illiterate peasants waving Mao's Little Red Book. They put robots on the far side of the moon.

albertJune 6, 2019 12:18 PM

Why start with a POS? First you have to fix everything in millions of line of code. Modern OSs are too big, and modern browsers are even worse. Why not start from scratch? Get all the BS out first.

The DPRK has a blank slate, so to speak. They could eliminate Java, Flash, and others of their ilk. Force email to be text only. Even eliminating HTML, or at least the URL parts. State-controlled social media. They could even have encrypted checkers to monitor the OS and the computer for any modifications. They could design their own Internet(DPRKnet?:), since external compatibility isn't an issue. They don't have to provide anything really useful, only moderately so, and the people would still be happy. Of course baked-in State monitoring will be there, but aren't the people already used to that? When you live in Hell, a visa to Purgatory seems nice.

China has a different problem. Their systems are already in place, and that's a tougher nut to crack, -if- they want to maintain compatibility with foreign networks. OS vulnerabilities are a problem, but there are lots of other ways to hack a system. I don't think modern OSs will ever be 'fixed', and even if they were, they're only a link in the chain.

Linux and its variants aren't inherently safe, no OS is, but adding (often required) software to the system quickly brings the situation up to nightmare levels. That s/w cannot be fixed, except by the maker, and those companies have only moderate interest in secure code.

So it didn't really surprise me when China started adopting Western ways, but it was a little disappointing. They're beginning to suffer the consequences of following that path, but they haven't lost their tradition of long-range planning. That's a plus for them. At least they don't have to deal with endless and meaningless political theatre.

. .. . .. --- ....

Jack KrogerJune 6, 2019 12:34 PM

With their advanced AI skills, the Chinese are building the SKYNET operating system. Prepare to be terminated with extreme prejudice.

Alyer Babtu June 6, 2019 1:58 PM

@Jack Kroger

I used think that scenario was just in the imagination, but not so much anymore.

The “robot” cat has really been out of the bag for over 200 years, so the only option is to manage it. All things network are pointing towards a machine analogue of the integrated sensors, manipulators, command, and “self” monitoring seen in living animals. That’s what an O/S means now. It will be as secure as natural organisms and have to be attacked physically if it gets out of hand.

Wilhelm TellJune 6, 2019 2:00 PM

The operating system does not have to be invulnerable. Just rare enough so that there are not (enough) developers to study and learn the system. So that the resources have to be taken from other, also highly important, projects. -- Well. The best developers, of course, come from China.

The same goes for hardware. For years since Russia had begun the production of "Only Russian" computer. One that uses components and labor that are 100% Russian. I is used in strategic installations.

Denton ScratchJune 6, 2019 3:24 PM

@RealFakeNews

It's true that an OS made for specific hardware can be built very easily, and fairly securely (if you have a focus on security). In the early 80s, myself and my boss wrote an "OS" for a crude banking terminal, entirely in 6809 assembly language. It took about three months. The terminal was turnkey; you couldn't add devices, not even memory. The network was proprietary (and primitive - it was basically just a UART).

Of course, it had no device driver framework, only the most rudimentary memory management, and no support for multiprocessing (so no process management). These are all things that I would expect a real OS to provide. All of these features are difficult, and all of them present serious security challenges to the developer.

The ZDNet article says that this PRC Army OS is supposed to be a replacement for Windows. An important feature of Windows is that it can run on disparate hardware, and can accommodate a wide variety of devices (including devices that had not been invented when the OS was written), and provide a framework for writing services. It supports multiprocessing, and provides fairly complex memory management facilities. A lot of Windows is devoted to UI management, and associated APIs. If that's not really what the PRC are planning, then sure - shouldn't be a problem. But the article (which is rather short) speaks of a replacement for Windows.

But if the article is really about a modern version of our 6809 banking terminal "OS", then my response is "Wow. Big deal. Have fun rewriting it from scratch whenever the hardware gets updated".

JPAJune 6, 2019 10:28 PM

@Denton
I think I am echoing your sentiments somewhat. I was first agreeing with the commenters who were stating that a stripped down OS would be much easier to build and be quite secure, and then I remembered the programs I have developed that stated small and stripped down and bug-free because they were small and stripped down. Then users wanted an added feature or capability or connection with other hardware. Every addition added a large number of new ways for the user to cause incorrect program operation and these took a lot of time to eliminate. As the program grew the number of ways users could cause incorrect operation grew factorially. I'm sure the PRC knows this and has plans to deal with it, but I think it might be more efficient for them to focus more on hardening their systems than running a new OS.

Another issue is that humans are a weak link in the security chain, so the new computer OS will still have the vulnerabilities of the human OS.

Clive RobinsonJune 6, 2019 11:06 PM

@ RealFakeNews, Denton Scratch,

This is quite a different proposition to developing an OS built for specific hardware.

As @Denton notes a lightweight OS on fixed hardware is not that difficult to write.

The real question is "Is it more BIOS or OS?" I've written skeleton BIOS's in Asm in little more than a few days and ported over the modules from earlier BIOSs over in a couole of days more.

The simple fact is you can cheat big style. Almost all CPU ISAs have commanality in the basics which you can write in a psudo-code that easily converts to one of several ISA architectures. Most Microcontroler I/O is fairly simple and thus relatively quick to develop for.

The big problem many see dor OSs in small embeded systems is the lack of MMU which can result in having to "in place" compile all programs into a monolithic code block. You see this route taken with some embedded microcontroller systems.

However the lack of MMU issue can be resloved in other ways without going into all the details stack based systems can be written, or an interpreter can be used such as a byte code system that effectively cares not where in memory it interprets from.

The point being most military systems do not need the trapings of a deliberately overly complex OS. They often also want to work from batteries 24x365.25. This means low CPU overhead and the use of a Real Time OS (RTOS) can often give this more effectively.

There are quite a few other techniques you can do. One is have an OS designed to work in a "headless" manner such that much complexity of a complete user interface is not required. In essence you could build it as a control terminal and plug in units on a network bus architecture.

Think of it as "IoT" in a box, with a user interface system talking via a network to physical CPU instances with HTML as the interface standard.

When you cut away the baggage of backwards compatability life becomes a lot lot easier.

No OneJune 7, 2019 1:11 AM

China, and the others who are able, should create their own operating systems, just as they should create their own hash functions and encryption. Consider the block cipher SM4 and the SM3 cryptographic hash function, both of which are industrial standards in China.

It is in their interests to protect their data.

Here is a story: one day the chickens stopped fighting for a bit and asked Mr. Keymaster to build a lock for the chicken coop. The chickens said, "Sir, can you make a lock to keep out Mr. Fox, he wants to eat us." Mr. Keymaster said, "Absolutely, I'll make you SHA1."

The chickens then went to Mr. Keymaster's house in Maryland to pick up their new lock and celebrate. They were so happy and confident, but the trees in the front yard of the house were dead, and there were many long, narrow windows in the house, eye-like in fact.

One of the chickens asked, "What's for dinner?"

IsmarJune 7, 2019 1:48 AM

Lack of details on what kind of OS they want to build makes it hard to comment of the practical implications but any kind of biodiversity in an ecosystem is good in case of a major disease so having something apart from 2-3 predominant OS types is in my view a positive development indeed.
To make it truly secure, as the regular readers of this blog know too well, they will have to run it on their own hardware as well.
Now can somebody from China send me a check for $1000 for this advice please 😀

tfbJune 7, 2019 1:49 AM

So, yes, we already have invented wheels. Most of them are round, although a significant proportion are still irregular hexagons. Square wheels are considered obsolete and are now only used by the financial industry and in aircraft flight software. We make our wheels from nitrocellulose, which was very cheap 50 years ago, and usually does not catch fire. The wheels attach to axles by five bolts: three have metric threads in two sizes, one is ASF and the last is Whitworth. Usually we just ignore which is which and hammer the nuts onto the bolts: they usually hold well enough. The wheels have tyres, which are inflated with phosgene.

Yes, no-one needs to reinvent the wheel.

Z.LozinskiJune 7, 2019 4:08 AM

I don't understand why building a new operating system (OS) is seen as such a major undertaking.

Today the world is (apparently) dominated by a small set of monolithic operating systems, with decades of legacy: Windows, Linux, MacOS/iOS and Android. It was not always so.

When I started my professional career, there were many more independently developed OS. In my first six years of employment, I worked on VM/370 (1967), OS/VS2 (1964), CICS (1967), DOS (1980), OS/2 (1986), ARTIC (1985), AIX (1975) and NextStep (1975/85). (Design dates in brackets). Designing a new operating system was a task for a university research group or a department in an industrial organization. IBM had (at least) 7 operating system development teams in a company of 300K+ people. Even if you are hand-coding in assembler, you can design build and test an operating system with a team of a few hundred people. I do not believe the suggestion that a country, that is a major industrial superpower, with over 1 billion people can't build an operating system.

We now have much better tools - higher level languages have made a substantial difference from coding in assembler. We have a much better idea of how to structure complex systems. Test-driven development is a great advance.

The great attraction of Linux is you get down to a single operating system for all platforms, which reduces development cost. Linux is getting on for 30 years old. Yes, it's been refactored many times.

In recent years, Amazon, Google and IBM have built cloud operating systems from the ground up for their infrastructure - e.g. the Nitro hypervisor, the Spanner distributed store. And I'm fairly certain Alibaba and Facebook have done the same. Look at what is happening in telecom with the Open Compute Platform (OCP).

If you want a successful clean-sheet operating system, there are a key set of challenges.

First and most important, deciding the requirements. Cloud OS? Desktop OS? Mobile handset OS? Embedded real-time OS?

Second is confidence the problem can be solved. is that the academic community have forgotten how to design operating systems, and teach Linux as the one true way. We have a generation of students that have grown up to become engineers in this monoculture.

Third is the decision is what hardware does the clean sheet OS need to support? Device drivers and compatibility testing are one of the huge costs. The blemishes of the original 8086/88 architecture still show through in x86 operating systems.

Fourth, and the hardest problem: resisting external pressure saying you have to have something complete in 2 years.

Back of the envelope calculation says 5 years, team of 60 good engineers, and USD 100M will get you a clean-sheet OS for a well defined domain. You now see why most companies say Linux is good enough, especially when everyone else is using it. You can equally see that this is achievable for a country.

After the ARM and Google announcements about not being able to support Huawei post-boycott, I would expect to see China building clean-sheet microprocessors, operating systems and other critical non-open source software I'm the coming years. It is just a larger version of what Western defence ministries do today under the heading of sovereign capability.

Wesley ParishJune 7, 2019 4:28 AM

Some time in the 2000s either Slashdot or OSNews reported that a Chinese Technical university had written an Open Source kernel in C++. It was on a publicly accessible FTP/HTTP site when I went there shortly after and downloaded it. Unfortunately my copy is on a PC that's joined the choir invisible and I haven't got around to getting that fixed.

So I find no problem with the PRC writing their own OS from scratch.

And as a replacement for Microsoft Windows? The MS Win32 API is by now rather well known, since there are the official implementation, the WINE re-implementation on the X Window System, and the leaked MS Windows NT 4.x source tree and the partial leak of the MS Windows 2k source tree. Besides, the PRC has had official access to the MS Windows XP source trees for over a decade by now, so they know quite well what they are wanting to get.

They don't need to re-implement the entire enchilada as well - for embedded systems that would be painful and Microsoft itself offers embedded OEMs the opportunity to cut out the bits and pieces they don't need for their individual projects.

I do expect someone to leak it sooner or later. (I've heard about a leak of the IBM OS/2 4.x source tree, and I take it everybody knows about the SunOS source tree leak a while back, and we all know about the MS WinNT 4 and MS Win 2k source tree leaks ... not to forget the Snowden and Pentagon Papers leaks, and countless others ... I don't regard the Chinese as fools because they're not; Chinese literature is full to the brim of the sort of treatment the average Chinese wished to ladle out to the fools in government and commerce. Leaks are inevitable.)

Gerard van VoorenJune 7, 2019 4:39 AM

When you look back to the eighties then a couple of very interesting approaches started to appear, just look at Plan-9 and Oberon.

I mean, they both work! And they both worked roughly the same way and they didn't require an army of developers to engineer. In fact Oberon was a project of two men! And Plan-9 probably a dozen of guys.

And security? Well, both were at least on par with how secure it can be! I mean, both were written in a very clear way with code that anyone who can read code can understand.

So all in all can be, but I agree with Bruce.

Clive RobinsonJune 7, 2019 7:27 AM

@ Irritated,

I doubt China will be sharing its resilient system with us - at least, not willingly.

Actually they might well do so it actually would be very much in their interest to do so.

Look at it this way, Microsoft knows it's Own OS's have basically reached the end of the road. It's why they are starting to slide NT out from under Windows and sliding Linux in ubder Windows. The Dave Cuttler project to "Make a better Unix than Unix" is kind of over, and it was toppled by "mediocre" and "Marketing Madness".

People realy need to stop thinking about "Windows" as the "OS" it's not in the same way the various versions of X-Windows is not the *nix OS.

But more importantly as Glugle knows, the day of the secure OS as the decider of computer security is long long over.

If you want security on modern "User Computers" you need to realise that it's the "Web-browsers" that are in effect the New-OSs from the security perspective, the old OS is now just an encumberance / bottle neck that delivers some system resources none-to-well. It's why people are doing "User Side I/O" to get what they see as higher efficiency or through put.

Thus any new OS should realy be stripped right back to a minimal "switching matrix" for resources that is designed to "hand off" I/O to user mode from kernel mode.

Glugle knew this before they told the world about "Chrome" and if you look back on this blog you will find "Web-Browser as OS" from the security side was being discussed on this blog.

Again as for China sharing the OS economically it would be very much to their advantage, oh and they would not need to front / back door it or "golden key" it, all of those are the imaginings of the "Hawks" mentality that gave us that mountain of rent seeking middle men and corporate asset graspers, who see profit in fiscal constraint / rights stripping. There are other views that realise that there are other ways to get a larger piece of pie, one of which is to make another pie, not speend fruitless time arguing just how thinly you can slice a single pie...

Clive RobinsonJune 7, 2019 7:56 AM

@ uh, Mike,

NSA will have to hire Chinese speakers to hack China.

And where will they hire them from?

The US IC has had a series of "War on Chinese" people that they employed in the past (look up Wen Ho Lee and Janet Renos comment, then look at what is happening to Ms Manning). You can be sure not just the Chinese but other Asian communities are looking and thinking.

The current round of nonsense from the US Executive does not help warm the idea of the US IC to first second and more generation Chinese or other Asian graduates. With the fact more and more non government jobs are opening in the fields of Software development, Mathmatics and Physics etc, they can now find non GS employment often on way better rates etc.

Alyer Babtu June 7, 2019 12:35 PM

@Clive Robinson

minimal "switching matrix" for resources

Sounds like QNX Neutrino ...

Jack KrogerJune 7, 2019 2:10 PM

You can bet your bootstraps the PRC will install many backdoors to allow them to spy the users.

We all know that developing secure cryptography requires it to be openly available to everyone for analysis. Those who develop proprietary systems end up with the least secure systems. Same with operating systems.

Jack KrogerJune 7, 2019 2:22 PM

There is already ongoing work by various major players to develop a new operating system for quantum computers, so the existing major OSs will have to be revamped anyway.

GuestJune 7, 2019 5:00 PM

Theo Jansen makes wind-powered sculptures that move with wheel-like rotating "legs" that plant "feet" upon the beach.

lurkerJune 7, 2019 6:58 PM

@ Veg,
thanks for asking my question, whatever happened to Red Flag Linux? I've still got an ISO I downloaded back in the day. I never actually installed it, but I did have a bit of a poke around, wondering why this or that...

Most of China runs on Windows in some form. It used to be all XP, but I've seen a few versions of NT. The trick is to strip out all the unwanted crap, and run it on a network which you control. So another wild speculation would be they use the basic Win kernel and shell, and bolt onto it a "Socialist OS with Chinese characteristics".

Consider the Chinese Railways Ticket sales and seat booking system with zillions of terminals in every station, all running WinXP. Third party sales agents and ordinary citizens can also book seats and purchase tickets on a public gateway. I never heard of that system being hacked. They know the physical location of every computer in the country, and the penalty for hacking a public service is 50 grams of lead, intracranial.

LeonaJune 7, 2019 7:47 PM

@Alyer Babtu,

Sounds like QNX Neutrino ...

That's simpler than other kernels for sure, but not minimal. It's rather complicated and isn't practically separable from procmgr and pathmgr. The source code hasn't been released publically for some years, so not practical for anyone insisting on auditability.

HowAboutSaving_InsteadOfDestroyingJune 7, 2019 9:47 PM

@"Faustus":

uh, your canned responses are entirely irrelevant; they don't displace any of my accurate high-precision comments. You've written as if you got your response auto-generated via a JavaScript XML form.

Therefore, I restate my comments as follows for everyone else:


It's not really a laughing matter to me.

I see the entire computer science industry and it's derivatives at risk of total destruction due to massive devolving into malevolent hacking and malware supersaturation. When this happens, unless prevented, nothing will work as intended, and most devices and services will fail. What I'm talking about would be independent of the IoT (internet of "things") problems, but will probably be made worse by such arbitrarily pushed trends.

So if anybody anywhere wants to prevent the wholesale loss of all of the benefits of digital technologies, I'm ok with that. It's not like the malevolent hackers and malware makers are going to provide any of us with healthy alternatives that work for us and not just for them.

But of course, what works for malevolence will fail too; that's the idiocy of it all; eventually it will all be compromised and infected and failing. And of course, for those of us living in places where the gear runs too much of our lives, lives will still be at risk--sometimes less, sometimes more.

Hacked self-driving vehicles and hacked life-support systems and hacked ventilation systems and hacked railway systems and hacked planes and helicoptors and hacked military drones doesn't seem like a good idea to me. Death is death is death.

The hackers seem to act as if nothing they do adds up to anything other than their own gains. They don't realise that they are collectively building the end of civilization, burning down every town from every direction.

The multimedia companies and politicians alike waste our time chasing non-existent foreign terrorist invaders and immigrants. The real threats to America (and the UK, etc) are all right here in America. The crazy dangerous foolish types here in the states don't give a damn--they are true 5150's thru and thru.

Again, anybody who wants to build a more resilient system shouldn't be mocked. There could be a trickle-down effect or better. America looks like it's about to get knocked down by it's own sociopaths. Whoever is left standing who isn't a perpetraitor is worth knowing, as well as their hypothetical non-broken tools.

Nevermind 'Huawei' the sensationalism, what matters is "heiwa" (="peace").
Deeper issues are still brewing.

yes, it's personal; but people {afraid of/conditioned against} knowing won't and can't know. there's no corroboration from those who resist intellectual epiphany.

jjoensuuJune 7, 2019 11:08 PM

Bruce:
"Normally, I would be highly skeptical of a country being able to write and field its own custom operating system, but China is one of the few that is large enough to actually be able to do it."

hmm yea I thought (could be I am wrong) that there are some operating systems that have been produced as a collaborative effort of not-so-many-people.

I mean if people in general can collaborate to produce an OS then probably so should be even a medium size (slightly totalitarian or more totalitarian) country be able to do the same?

Maybe the issue is building applications for the software but this could be done with time...

Clive RobinsonJune 8, 2019 5:48 AM

@ Alyer Babtu,

Sounds like QNX Neutrino ...

Since RIM took it over a decade ago, I've not seen very much of QNX. But yes it's got a very light weight RTOS kernel with most other things done in U-Space not K-Space

People tend to forget that for many activities you realy do need an RTOS as other scheduling systems start to trip over themselves when going over 50% utilization.

Usefully with the I/O and other "helpers" you only load what you need not what a kernel designer thinks they can squeeze in "just in case".

JohnnyJune 8, 2019 6:31 AM

Given their vast technological prowess, I'd surprised if they haven't done so already for their most sensitive military systems. This sort of announcement in the aftermath of Huawei debacles most probably point to a civilian and light government use cases.

Grugle had the vision years ago as they now dominate most of our consumer electronic space where they harvest vast amount of consumer and usage data for the purpose of "marketing" and god knows what else.

However, this Huawei nonsense is likely related to 5G dispute under the surface. Note that none of the other chinese "consumer grade" makers got the NWO (new world order) ban. We can logically conlcude Huawei 5G tech poses a real and substantial threat to US dominated cellular space and the fact that space plays a significant role in information warfare strategies.

C U AnonJune 8, 2019 1:35 PM

@Johnny:

Note that none of the other chinese "consumer grade" makers got the NWO (new world order) ban.

You might want to dig a little below the US MSM nonsense, there are other Chinese Electronics companies involved with FMCE that have been hit (ZTE for one).

JohnnyJune 9, 2019 2:06 AM

@C U Anon,

I was referring to "glaring" consumer makers such as Xiaomi, Oppo, Lenovo, etc. as examples of smart phone makers that were relatively immune.

The other big name on the saction list is HK Vision, which is a well-known government sponsored surveillance maker not a smart phone manufacturer running Andorid OS.

C U AnonJune 9, 2019 2:35 AM

@Johnny:

I was referring to "glaring" consumer makers such as Xiaomi, Oppo, Lenovo, etc.

You mean those without dirrct "stratigic value" to the USA, and also by blocking them would cause undesired political feedback in an election run up.

If you stopped the products of those three companies, even "Joe Average" would notice in the run up to Xmas by lack of goods in the stores prior to Nov elections.

I'm sorry if I sound cynical, but I suspect that after the Nov elections, which ever way they go, the crack down on all Chinese consumer Companies will start.

It's a bit pointless realy because the USA is nolonger in the position it once was and science and technology are starting to bypass the USA due to "political policy".

It's not just people attending conferences that are begining to feel "the chill winds" even US researchers are having grants cut for basic research and it's not just "climate science" it's "polution" and "environment" science as well that is getting the chop. Due to political preasure from "coal money" I suspect the next big target on the list is "renewable energy" there is alread some states where decidedly anti-renewable legislation is either now on the books or heading that way.

NickJune 9, 2019 4:08 AM

I don't see why there is so much scepticism about this. Developing an OS is a big job but it's not a particularly difficult one for competent programmers. Torvalds wrote the first version of the Linux kernel while a student. The rest of the GNU operating system has been re-written a few times.

My take is more along the lines of "why didn't they do this 20 years ago?". A Chinese-developed OS will be hacked by the NSA, vulnerabilities will be discovered and fixed, in the usual kind of arms race. At any given moment, there may or may not be undiscovered vulnerabilities.

But that is much better than using Windows, where we know for sure that there are always NSA backdoors built in.

A more challenging problem is replacing the other vulnerable components. Hardware security is very difficult - the CPU can have backdoors - and designing / manufacturing your own CPUs doesn't solve the problem completely, because chips are now complex enough that layout software for chips uses libraries that may contain (= probably contain) backdoors.

ClipperJune 9, 2019 4:54 AM

USA destroyed it for everyone by using state-endorsed backdoors. Now everyone is suspicious of Cisco, Intel, Dell, Microsoft and other major American companies. More and more people are looking for open source hardware and software like linux, coreboot and pine. Chinese and Russians did the logical thing to do, other countries don't because they don't dare to even think about it due to tight control from NATO and US embassies. No European country would dare to say that "we don't want to use backdoored software anymore", not to mention hardware where they can't compete anyway.

There are even people who would prefer to be spied by the Chinese instead of the Americans, on the basis that they are out of reach of the Chinese state anyway.

Z.LozinskiJune 10, 2019 4:57 AM

@Clive,

I had a demo of QNX running a car entertainment / navigation system at a recent Mobile World Congress. Certainly within the last 5 years, so long after the RIM/blackBerry acquisition. One of the major auto manufacturers, Ford, uses QNX since 2016. Ford has a team of 400 engineers supporting QNX, hired from BlackBerry in a friendly move, but they may be application engineers rather that core OS developers.

For other embedded OSes, WindRiver still support VXworks, as well as having their own Linux distro. VXworks is still supported for defence applications, but that may be down to very long product lifecycles (think 40+ years) for aircraft programs, meaning that Linux is still new.

Clive RobinsonJune 10, 2019 10:06 AM

@ Z.Lozinski,

For other embedded OSes...

Brings us back to my BIOS-OS-UI point. I've written a good few BIOS's in my time I fairly quickly learnt with 8bit embeded systems that the fastest way to develop was to write an IO-2-API layer that abstracts away the IO specifics thus the higher level software can be easily made modular.

Were they a BIOS? or an OS? well they had features of both and in several cases a standardized UI all be it the equivalent of a cut down 16colour 40/25 line display with upto 255 programable charecter glyphs (Which was all the early "windowing systems" of the 1980's offered anyway). Later I added a striped down curses interface.

When people say the think it would require a "State Level Effort" to write an OS they generally are making the mistake of thinking about an "All Things To All Men" OS that for all Microsoft's and other organisations efforts still does not exist, and because of technological development probably never will do untill we change the way economics works (or does not).

As I keep pointing out modern Browsers have replaced much of the functionality (process control, IPC, IO) of OS's like *nix and NT* and thus have in effect relegated the OS to the position of a BIOS.

Thus the claims for what a BIOS or OS might be are extreamly fluid and certainly in the case of high performance computing a BIOS is just to get to a "sane state" and the OS is seen mainly as a very severe bottle neck on performance thus to be avoided at all costs where ever possible, hence "User mode IO".

It's got to the point where for commodity OS's you could say,

    The OS is dead, long live the OS.

But if you take a step back from the poison pill that is the modern commodiry OS being "All things...", you get what you've noticed as well with,

... is still supported for defence applications, but that may be down to very long product lifecycles (think 40+ years) for aircraft programs...

The point is whilst we might call it "defence applications" the actual bulk of computing is not consumer "All Singing, All Dancing" or "All things..." if you go into the average middle class home in the West the number of microcontrollers, far out number the number of consumer computers.

It used to be by a factor of 10:1 but that now deppends on how you view "smart devices". If you think of them in the way their creators employers do, then they are in effect "graphics terminals" plugged into a switched bus made up by WiFi or other networking.

I'm currently in discussions with people about new products for certaon hobby markets. My point of view is break the system down into functional blocks where the microcontroller in each block has it's own OS-Lite with HighSpeed Serial CI or equivalent interface and WebServer-Lite, these then plug into a "network" (Bluetooth is the one that is favoured). The User Interface then runs on a Smart device used as a graphics terminal.

It makes the whole very flexible and future proof especially with standardised internal casings etc. It also gives the owner a great deal more flexability including interoperability with mobile phones, hearing aids, and tablets/laptops/computers with concequently remote control from any place in the world with an Internet Connection.

What few appear to have realised with IoT is it is in effect the death knell of the commodity OS and much in the way of PC IO. Google with Chrome certainly realised this some time ago.

So China with what is a "clean slate" not tied down by "legacy" could easily come up with a World Beating OS very quickly. This has actually scared the likes of Alphabet and their Cash-Cow Google to the point they are petitioning the US Government under "US National Security" argument not to do to Huawei what they did to ZTE,

https://arstechnica.com/gadgets/2019/06/report-google-argues-the-huawei-ban-would-hurt-its-android-monopoly/

Which to be honest was not a surprise, I'd kind of expected it earlier (China does make rather a lot of Smart devices and the bits that go in them). Unlike the article portrays it's not just the loss the Google monopoly on Smart Devices. More importantly it's the loss of US Primacy in OS's then other Smart Device software like Browser Apps. Add to that the very likely soon Balkanisation of the Internet all in all it would do irreparable harm to the US National Security, economic and otherwise. Even though the US politicos realy don't get it yet, their tactics are actually a gift to the other super-powers, and I guess in turn the rest of us outside the US. Both China and Russia can sit it out, the US can not and desperate people can do desperate things.

JohnnyJune 10, 2019 7:45 PM

@C U Anon wrote, "It's not just people attending conferences that are begining to feel "the chill winds" even US researchers are having grants cut for basic research and it's not just "climate science" it's "polution" and "environment" science as well that is getting the chop. Due to political preasure from "coal money" I suspect the next big target on the list is "renewable energy" there is alread some states where decidedly anti-renewable legislation is either now on the books or heading that way."

"Renewable energy" and its benefits to environment are both very debatable in my opinion. With renewables, we cut carbon production but we dont necessarily reduce "pollution" because we end up with batteries that are toxic and cant be rid of easily. Thus the "coal money" will still hvae their ways as long as coal or natural gas powered generators are cost effectively done connected to a grid, and they too can be made more efficient by intermidiate storage facilities.

Wesley ParishJune 11, 2019 3:10 AM

@Clive Robinson

I'm currently in discussions with people about new products for certaon hobby markets. My point of view is break the system down into functional blocks where the microcontroller in each block has it's own OS-Lite with HighSpeed Serial CI or equivalent interface and WebServer-Lite, these then plug into a "network" (Bluetooth is the one that is favoured). The User Interface then runs on a Smart device used as a graphics terminal.

Well, as the guy in the Jargon Files/New Hackers' Dictionary says: Well, Fsck me with a thousand miles of curare-tipped fence (but don't tell She Who Must Be Obeyed that, she just might do it ... :) ) I came up with a very similar idea in 1993, courtesy of finding out at about the same time, the parallel core metaphors of the Unix operating system and the SCSI data bus - Unix saw nearly everything as a file, and SCSI saw everything as a node. I spent a fair few years working out the consequences of taking those two as the basis for a computer architecture.

If everything (on a hardware level) connected to a given CPU is a node, and (on the software level) connected to the operating system is a file, then every node must necessarily be a potentially independent kernel, and have its own implementation of the basic networking protocols. But it would have a potentially unlimited expandibility, and would need considerably better security than has been the standard over the last few decades. I thought of standardizing on FibreChannel to link everything, since SCSI had the inbuilt limitations of a parallel connection.

I never had much luck in getting anywhere with my idea; but go on with yours! Let us know how you get on! (I'll feel vindicated when you report success.)

C U AnonJune 11, 2019 8:58 AM

@Johnny:

With renewables, we cut carbon production but we dont necessarily reduce "pollution" because we end up with batteries that are toxic and cant be rid of easily.

There is more to it than just the quantity or type of "pollution".

Though in a physically closed environment there realy is no chemical "pollution" just "contaminated feed stock" reentering the thermodynamic down chain that we call entropy at a higher point than it leaves. As the Earth is not closed to radiant energy the real polution that builds up is heat that is not reradiated into space. There is two things we can do with that radiant energy, send it back into space or store it long term in chemical bonds. So even Coal is a battery thus what we are realy dealing with is how to handle what is the "contaminated feed stock" to storage.

The problem with traditional burning is it very inefficiently recovers energy from storage and wastes upto 80% of that energy into the environment often at best only partially recovering the stored energy. In essence smoke is the wasted wasted stored energy contaminating the air. When smoke is kept below certain levels and what you could call the energy storage machinery of plant materials is around you can get fairly good reuse of the bulk of the energy freshly stored. It's why we have the argument that burning biomas is "carbon neutral".

Whilst it can be carbon neutral in small quantities,that is not true in large quantaties where it overwhelms what little biomas generation there is around it. In short biomas should only be considered "carbon neutral" when the combustion process is carried out in an environment where the resulting waste products are over nine tenths reabsorbed before they reach any great hight in the atmosphere. The reason is no matter how efficient the combustion process is in releasing the energy and reducing the waste to just water vapour and carbon dioxide, there is the problem of highly reactive oxidized chemical components that when entering the likes of the water cycle give acid rain that kills more distant biomas. Put simply the best biomas for energy storage and release with minimal contamination is that we consume as food as the waste control can be more efficiently managed. The problem there though is the inefficient combustion by gut bacteria that results in low carbon count hydrocarbons such as methane. As a "greenhouse gas" it has around twenty five times the problems of retarding the radiating into space of the actuall polutant of "waste heat" that either water vapour or carbon dioxide has, it's also something that is not as readily reusable by other biomas thus it has a very long half life.

So even "natural storage and combustion" cycles are far from "neutral" in their contamination effects. If you think about it Coal is for various reasons a very dirty form of energy storage, every bit as bad as the use of the likes of metal chemical reaction batteries.

Thus the question of the waste and it's location. The combustion of hydrocarbons and their associated contaminates result in the waste spread far and wide where it's alnost impossible for mankind to do anything about currently except vastly increase areas of fast growing biomas that easily concentrates the contaminates (water lilies whilst good are impractical). Chemical storage via metal batteries and their 200-2000 cycle life actually is better because the high concentration in a very localised area makes efficient recovery and reuse well within not just mans capabilities but profitable. Because the cost of recycling is actually considerably less than that of mining and refining the meyals etc.

Much of the issues when dealing with "polution" discussions is caused by the "out of sight out of mind" problem. That is we don't see the contamination and other issues that give rise to acid rain that falls two hundred to three thousand kilometers away. But we do see the discolouration by rust and other metal oxides in plastic containers. Thus we make incorrect assumptions about the total impact of the waste from storage cycles.

But even kinetic energy storage creates less than local waste. Consider the idea of heavily laden railway cars with generator sets on them on long low grades that can produce megawatts of energy for short periods of time. Each time a wheel revolves steel upon steel contact with friction puts iron contaminates into the air. You can see the result of this in London where there are Victorian era buildings still backing onto the lines in and out of the main rail terminuses. the bricks are indelibly stained with the results a considerable distance into all but "glass glaze" bricks and tiles.

The problem is as I said "Out of sight, out of mind" means you can easily miss things and thus not take things into consideration thus your assesment results are at best skewed. Thus you can start with crooked foundations when you build things up.

Historically you can see this going on with Nuclear power. For various reasons not stated at the time nuclear piles were required to make plutonium amongst other things. Thus stories were started about "A clean safe future" none of which were actually true, and the guy that designed things knew that all to well. Luckily because money was no object in the A/H Bomb game he got his way and some very costly measures were put in place. Various "briefed" Civil Servants who read all and learned nothing, then advised ministers who half listend then made political choices on the old "dock waving" "National Security" argument. The Treasury however grumbled about the cost of the measures and tried to stop them. It's not clear what backroom deal was done but he got to keep his measures...

Now back then a nuclear pile was basically a wall made of graphite you load fresh fuel at the front, and spent fuel with all sorts of enriched goodies like the most poisonous element known to mankind drop out the back and unless automatically removed would cause things to not just get hot radioactively but thermally as well. Thus to keep both under control there was a "forced air" system driving from the front side of the pile, through the pile and up a quite tall chimney with all those costly measures on the top...

Now to put things in perspective you can consider the graphite the pile is made of like extreamly pure coal... As most know add enough heat and oxygen to a fuel and you will get combustion.

One day not long after this pile was started something went wrong and well heat, fuel, and oxygen that was an accident waiting to happen, well happened...

Because the designer knew the probability of this was very high he had designed his measures to deal with it should it happen. However if those well read nothing learned Civil Servents in the Treasury had had their way, then lets just say Scotland would by default have become an independent nation because the bit between it and a little ways north of the south of England would have become a radioactive no go area for a millennium or ten...

Information is key, especially when it's not as obvious as it might otherwise be...

Z.LozinskiJune 11, 2019 1:22 PM

@Clive,

Yes, the current fashion for bundling the user interface and even some applications into the operating system, as opposed to having a small, secure kernel is ... not ideal.

My point of view is break the system down into functional blocks where the microcontroller in each block has it's own OS-Lite ..

You might be interested in the Fairchild SYMBOL machine, developed in the late 1960s. It had 12 processors, each implemented as separate hardware modules - this include the IO controller, but also the supervisor, and compiler. There is a summary in Glenford J. Meyers' "Advances in Computer Architecture" (1st edition, 1978) or Glenford J. Meyers' "Advances in Computer Architecture" (2nd edition, 1982). (These are two different books, but the chapters on SYMBOL are common.)

The more I think about this, the more it seems we have reached a point of stasis in both processor and operating system design.

The security implication is that we keep re-inventing mechanisms at different layers of the stack that have the same function, rather than re-using a single mechanism. Threads vs processes vs VMs vs LCX containers vs Docker containers vs lambdas are all about sharing the execution environment between multiple units of work. Instead of providing multiple (compatible) mechanisms with different performance characteristics, we re-invent the mechanisms and re-introduce the same old bugs. For those who think serverless computing and AWS Lambda is the latest and greatest thing .. look up CICS Pseudo-conversational transactions from the late 1970s ...

Clive RobinsonJune 11, 2019 2:46 PM

@ Wesley Parish,

I came up with a very similar idea in 1993, courtesy of finding out at about the same time, the parallel core metaphors of the Unix operating system and the SCSI data bus

Funny you should say that, but in the decade before that I was working for a company that was into what for the time was very high resolution displays for Mil type training equipment --it's why I don't like FPS video games-- and medical imaging equipment. Back then there was no such thing as RAID, infact the company invented and pattented it's own hard drive array system to pump data into what was the widest bit width computer in the world at the time all to make a 512x512 256 shades of grey "image slice" for a body scanner. We used to joke that one of the engineers was sending a rather nice looking US based young lady who was some whizz mathmatician love letters hiden in two dimensional FFT transforms (they were actually of a teddy bear but that's a long story as is the human head in a box at customs in Chicargo).

Any way back then computer busses were numerous and mostly NAFF...

Fast forward a little bit and 68K CPU cards appeared with "Schugarts Compatible Systems Interface" busses, these were anything but NAFF and you could use it not for talking to Hard Drive Controllers but for building "Parallel Computing" systems.

After moving to a new company I was approached by a group of people who lived around Oxford and wanted to set up an Online-MUD that not only did not use the overly expensive and not really upgradable PDPs or Vaxen but wanted to build a system with real upgrade potential. So after having had my arm twisted at a party by one of their mates[1] muggins here had to design such a hardware system so it was the same sort of boards with later versions of the 68K family. Three boards were purchased and a prototype built, whilst backers were sought by others. Well there were plenty of backers with big words that wanted to see all the details of the hardware... Well turns out none of them had money to spend only industrial espionage to commit...

Unfortunatly for them whilst they could go and buy the boards, what they did not know was that there was SCSI and SCSI the first having more capabilities than the second. It just so happened I had the source code for the first where as the board manufacturer did not... So their attempts at a "rip-off" (one actually stole the hand made OS code ROMs) did not get them anywhere.

Just remember there is no honour amoungst Venture Capitalists, just naked greed and avarice and knives with long blades and fearsom hilts to butup against your spine. Unless you screw them over first they will screw you over faster than a cash register goes "kerching".

So yeah SCSI as was, had real potential that got lost in later versions. It was a shame but that as they say is the way the cookie crumbles. We even ended up looking at Transputers that were realy something at the time. But like those crappy Intel chips we reckoned they were not going to make it big. The Intel chips especially, were the wrong endian used segment registers with tiny code page sizes, dumb legacy problems in the instruction mapping, then there was the crap with... So real men eschewed such frippery and pandering to CP/M and instead went with 68K's and real MMU's and proper Virtual Memory...

Yup, even the best of crystal balls get cloudy days, others the world goes "flipperty flippitty whing whing squidly diderly" and does the dumbest of thinks ;-)

[1] Some bloke called Terry, worked as a PR Wonk for Nuclear Reactors... Wrote a couple of childrens books in his spare time. Bright bloke, keen as mustard about home technology, but he had no money... (Yup that changed a few years later but by then people had moved on as had he, something about a glow in the dark table ornament in his office that loomed was his reason he said ;-)

Clive RobinsonJune 11, 2019 3:03 PM

@ Z.Lozinski,

You might be interested in the Fairchild SYMBOL machine, developed in the late 1960s.

I'm always interested in old hardware, especially why it went wrong and how they got around limitations (Seymour Cray using a hand drill to twist up hook up wire to try to get noise down and the clock speed up being one).

As a certain person I know would hurtfully point an accusing finger into my garage or loft and observe that my interest in such vintage "junk" no doubt stems from having been a child of that era, and still have the shirts to prove it (true I do still have shirts I wore back then, they weren't worn out so I figured they might come back into fashion, such things usually do...).

JG4June 11, 2019 3:17 PM

@ICU

I hope that I linked the air pollution story showing that iron nanoparticles from brakes and combustion engines migrate into the brain, where they contribute to dementia - if not directly cause it. I don't recall a mention of rail and wheel wear on the Iron Giants, but it has to be the same. Side-channel leakage, causing further side-channel leakage.

Just for the record, the car and the tommy gun were a good slice of the new technologies that led to the need for the FBI. And all that entails, to use the Poet Laureate's turn of phrase.

https://www.nakedcapitalism.com/2019/06/links-6-11-19.html
...

Justice gives Congress new details on ‘spying’ probe The Hill
...

NC’s Voting System ‘Master Passwords’ Found Online, Available to Download by Anyone: ‘BradCast’ 6/10/2019 BradBlog. Holy moley!
...

Micropayments-for-news pioneer Blendle is pivoting from micropayments Nieman Labs
...

How Cars Transformed Policing Boston Review

Big Brother Is Watching You Watch

To board a plane without a ticket, just give up your face — and your privacy Seattle Times. A “convenience trap.”
...

Google Tricks: How to Supercharge Your Searches and Become an Instant Power User Washington’s Blog. Of course, if Google hasn’t indexed a site, these tricks won’t help.

Do Brains Operate at a Tipping Point? New Clues and Complications Quanta
...

TRXJune 12, 2019 8:53 AM

Seymour Cray was once asked what compiler would be available for one of his new supercomputers. He said, "I don't know what we'll call it, but it'll be FORTRAN."

It's hard to ignore the vast installed base of Linux, but there is a better solution than starting over from scratch. They could simply *buy* one of the lesser-known OSs. QNX has been around a lot longer than Linux and has a solid development history as a commercial product. Driver support and application software are limited, but that would be the case with any new system.

A contender from left field would be OS/2. Rock solid code and documentation, officially discontinued, and IBM could sure use the money. The Workplace Shell API is a marvel of ease and simplicity compared to Windows, Qt, or GTK, and WPS was designed from the beginning to make it easy to port Windows applications to WPS. The the problems would be political.

"In the beginning there was MULTICS..." The conceptual parent of Unix, it went away due more to corporate incompetence and infighting than anything else. But Honeywell kept their hand in, and eventually wound up owning all of it. It had under development from 1962 and despite rumors and occasional announcements of its immenent demise, it is still available as GCOS. It's now owned by Groupe Bull in France, who would probably be *delighted* to license it or sell outright.

There are *lots* of commercial or free OSs out there that would give them a big step up, without having to start over from scratch.

Clive RobinsoJune 12, 2019 9:27 AM

@ TRX,

There are *lots* of commercial or free OSs out there that would give them a big step up, without having to start over from scratch.

But as the Seymour Cray quote highlights, they all come with "expectation of the past" or as it should be more correctly called "baggage which has to be carried".

As a designer Backwards compatibility is a big collar around your neck causing a slow death. You find that the customers all pull in different directions and will moan if their favourite feature of times long ago does not get the love they think it should. .

And of course all that baggage comes with hundreds if not thousands of little gaps and hiding places that can and will harbour "bugs". That more than likely, someone will find a use for one, as the foundation for new malware...

Starting with a clean slate alows for inovation, to be inventive if not daring. With *nix it started with the notion that every thing was a text stream, this went to every thing is a file. It was the Andrews sustem that gave us everything is a file system, and others have done similar.

If it was me I'd go with everything is a "store and forward node" that is "accessed by using a webserver". I know not exactly original, but provided you dial back on what the webserver does --throw out muxh of html5-- if works with minimum issues for what most people do.

So I would expect something more inovative such that it solves other issues such as synchronization.

LarryJune 13, 2019 1:48 AM

@TRX

Buying an existing product may fit well but it wont play into their security by obscurity strategy. If you buy a product from somebody else to use as your own, it means someone else already knows it better than you do. On top of that, others will already have access to the core of the product.

Z.LozinskiJune 13, 2019 10:48 AM

Recent news from China is that Huawei has a project to develop its own operating system.

"Inside Huawei’s secretive plans to develop an operating system to rival Google’s Android" , via the South China Morning Post, Tue 11 June 2019

Project has been underway since 2012. Initiated by Ren Zhengfei, Huawei's founder, after a strategy retreat.

Breathless press reports in the press about a secure development facility. (Looks to me to be very similar to most product development facilities in the tech industry.) Microkernel based. Designed for both computers and smartphones. Biggest technical challenge is compatibility with Android (not really clear in the article what this means - API compatibility?). Huawei has registered "Huawei Hongmeng" and "Huawei Ark OS" as trademarks. Described to German press in March 2019 by Richard Yu Chengdong (Executive Director of Consumer Business Group). Rumours circulating in China say launch in 2019 or 2020. Conflicting reports say it hasn't been tested on consumer devices yet.

https://www.scmp.com/tech/big-tech/article/3013813/inside-huaweis-secretive-plans-develop-operating-system-rival-googles

Interesting times ..


Clive RobinsonJune 13, 2019 12:21 PM

@ Z.Lozinski,

"Inside Huawei’s secretive plans to develop an operating system to rival Google’s Android"

Yup colour me unsurprised, unlike many westerners, the Chinese tend to think well ahead.

If I was running an operation of Huawei's size working with communications devices from Smart Phones to major backhaul and communications networks I would have developed my own microkernel OS (as I've mentioned).

Lets put it this way, where possible you try not to put your organisation in a dependency position, as that gives others a 'whip hand' over you. As we can see Huawei have diversified and dual/triple sourced components etc.

I guess a few at Alphabet are going to be in a bit of a flap about it. Which means a few politicos will get their ears bent, and influance will be applied.

If I was Huawei I'd start making it freely available, much as Google has, but probably refrain from the "data catching telemetry" that Google puts in all it's apps.

If people feel they can trust their privacy more with Huawei's Ark OS than Android then that 86% market share would start to tumble and Alphabets share holders would get itchy feet.

As I've mentioned before I'm not sure that some in the USA have thought their policies through far enough...

Let's put it this way, the US dust up with China is going to get manufacturers in other Nations thinking. They are not going to want to fold profitable businesses because some idiot politician in the US wants to make marks up the wall. Diversifing into products where there is not just "choice" but "freedom" from that sort of political idiocy going on, is just good business sense...

JoaoJune 14, 2019 9:49 AM

I was amassed to learn any military equipment uses Microsoft Windows... they clearly state in at least old license that the operating system was not appropriated to critical systems like Nuclear installations. Why would anyone install Windows on military equipment to start with??

I was thinking all military equipment would be using some sort of UNIX/ LINUX variation or even some dedicated OS developed from scratch for that equipment. I guess military are as dumb as they seem.

eclecticmnJune 15, 2019 3:35 PM

Joao: Are you sure of that? I assumed that the military and any real time applications RTOS had nothing to do with Windows. Perhaps the military used Windows based SW for the display devices, but even that is scary. A plane visual display hanging or crashing would be problematic.

I always wondered how the Stuxnet virus could possible infect a PLC. Forgive me for sperging. I worked in process control long ago.

In the case of Stuxnet, I believe that the Siemens operator and programmer functionality used Windows based SW to talk to the PLC. Such SW is cheaper to develop. The PLC likely used a proprietary RTOS.

The Stuxnet virus infected the PC based SW and took over some of the programming and perhaps operator functions. The infected PC just downloaded a new program to the PLC. This PLC used a generic machine language type programming in addition to ladder logic and the like. This machine language programmng allowed the PLC to be over written with a new program. This particular PLC allowed locations already written to to be clobbered with a new value, but that is another story.

Thus even a non infected PC program looking to display location X containg centrifuge RPM would retrieve a corrupted value. Because the PLC program was compiled, not interpreted, the operator/programmer PC function could not tell what was being executed inside the PLC. An interpretted system would not have had this problem. It took man months of work to decompile the SW running in the PLC to determine what the SW was doing. Symantec had good papers on this.

In short, I think the Chinese could write an OS from scratch or buy source code and build on that. Allowing access to an infected browser as in Stuxnet has its own problems.

eclecticmnJune 15, 2019 3:39 PM

Q. How did God create the world in seven days?
A. He did not have an installed base.

JerryJune 20, 2019 3:05 AM

@Clive Robinson wrote, "Yup colour me unsurprised, unlike many westerners, the Chinese tend to think well ahead."

The Chinese has the advantage of being "late to the party" among other advantages such as operating from a judicial system detached from the West. They've seen the Iron Curtain fall, Berlin Wall dismantled, and the Rising Sun extinguished, thus they can draw on many past failures by others.

Furthermore, they are very well versed in the Western game and knows how the money game is played primarily thru many experiences in the far east regions thru the early British years of international trade & finance.

Thus, the Chinese won't go down easy in this regard. As they would say, may we all live in interesting times.

Gary MadisonJuly 1, 2019 8:19 AM

My husband was diagnosed with MND ALS (amyotrophic lateral sclerosis) when he was 69 years old 6 years ago. The Rilutek (riluzole) did very little to help him. The medical team did even less. His decline was rapid and devastating. The psychological support from the medical center was non-existent and if it were not for totalcureherbsfoundation .c om and the sensitive cure of their herbal formula he would have been not been alive today,there was significant improvement in the first 4 weeks of usage that gave us hope that he will be alive,His doctor put him on riluzole, letting us know there was no cure until we gave try on total cure herbal supplement that cure him totally from this disease after 15 weeks of his usage. There is nothing positive about cure ALS condition except for their herbal treatment .

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.