Slashdot Mirror
Rust-Based Redox OS Devs Slam Linux, Unix, GPL
Freshly Exhumed writes: Redox OS, a project on GitHub aimed at creating an alternative OS able to run almost all Linux executables with only minimal modifications, is to feature a pure Rust ecosystem, which they hope will improve correctness and security over other OSes. In their own words, 'Redox isn't afraid of dropping the bad parts of POSIX, while preserving modest Linux API compatibility.' They also level harsh criticisms at other OSes, saying "...we will not replicate the mistakes made by others. This is probably the most important tenet of Redox. In the past, bad design choices were made by Linux, Unix, BSD, HURD, and so on. We all make mistakes, that's no secret, but there is no reason to repeat others' mistakes." Not stopping there, Redox documentation contains blunt critiques of Plan 9, the GPL, and other mainstays.
It feels like this https://xkcd.com/927/
Show me the code first, then start shittalking everybody.
Who cares? It's a toy OS written in a toy language. It'll join the thousands of other pet project OSes that no more than a handful of people will ever use.
When you are just starting out or if the project is relatively small.
The more adoption you gain, the more the purity is corrupted.
Enjoy the view from your high horse while it lasts I guess.
My eyes reflect the stars and a smile lights up my face.
It's easy to make something clean early on. Stuff gets ugly when it meats the real world.
I mean best of luck to them I guess, but I doubt this is the next great Linux killer.
I'm sure someone is registering the domain name UbuntuRedox.com as we speak! :)
This basically means their special little pony of an OS will be kinda sorta compatible, they will take some "principled" stand and break whatever they choose, and will screech and whine about how the rest of the world is doing it wrong.
Go ahead, be a bunch of yowling zealots, write an OS nobody will care about ... and sit around being all smug about how awesome the thing you've written is while wondering why nobody is using it.
If you want to have a manifesto of childishness and stern disapproval, don't expect to get taken seriously.
I worked with a guy who wouldn't bend on his perceived form of "correctness" ... he usually failed to deliver what was required of him and was an ass to work with, because he couldn't get past being a smug prick to get the job done. Delivering nothing is worse than griping it isn't aesthetically and ideologically perfect.
So, whatever. Throw your tantrum.
Lost at C:>. Found at C.
Microsoft can barely get people to use WinRT and yet this group of nobodies expect to displace POSIX? Sure, brahs.
They are going to base it on systemd, aren't they? Since throwing away past mistakes is a central criteria?
In one of the Jurassic Parks. 'No, you're making a whole load of brand new mistakes'. Sorry to be so down on this, but operating systems are quite complex and the open source ones need a decent community as well.
On y va, qui mal y pense!
This type of microaggressive behavior SHOULD NOT be tolerated in the Rust community. We should all have safe spaces available to create our own OS, no matter what your views are on POSIX. Who is to say what is "correct" or not?
It's impressive that they are out to make both their own kernel and their own runtime. At first glance it looks like a monolithic kernel, someone should page Andy Tannenbaum to harass them, and if it's really monolithic that takes a point from the "not making other people's mistakes" column.
It takes a lot of computer science smarts to even understand what the mistakes in other operating systems were and how to avoid them. And as others have commented, it's easy to point at other's mistakes when your project is in its infancy, much harder when your project is grown up.
I'll really be impressed if they don't map graphics cards into user space. Nothing's ever stable once you do that. That's the biggest mistake in the whole industry. But I bet they don't take fixing that one on.
Bruce Perens.
But BSD isn't quite there yet: most importantly, it has a monolithic kernel, written in C. This means that a single buggy driver can crash, hang, or cause damage to the system.
They're in for a rude awakening when they realize that the wrong bits sent to a piece of hardware can in theory kill it no matter if the OS keeps running.... so you got a desktop with no working graphics, a server with no working NIC and so on. Without an IOMMU you can't even keep any DMA-enabled device from writing stuff all over system memory, unless of course you disable DMA and run all memory access over the CPU which will make performance glacial. Oh and Linux isn't quite monolithic, for example all USB devices have user mode drivers. Just the basic read/write functions are in the kernel.
Live today, because you never know what tomorrow brings
Redox is based on a microkernel: http://www.redox-os.org/book/b... They seem to be emphasizing a very small number of system calls, and making "everything a URL" (instead of everything a file): http://www.redox-os.org/book/b... I'm skeptical this will get very far, but let 'em try!
- David A. Wheeler (see my Secure Programming HOWTO)
Old Kung Fu proverb.
We suffer more in our imagination than in reality. - Seneca
The GPL may not be appropriate for many projects, and Redux' choice not to use it is understandable (they chose MIT), but for Linux, being a very large, multi-corporation affair, the GPL is not only appropriate, it's made Linux what it is today. The so-called viral nature of the GPL is what protects it from corporate interest, keeps it open, and keeps the playing field level for the various contributors and interested companies while being steadily improved by all interested parties.
It's true that the modified GPLv2 that the Linux kernel uses has loopholes in it, and has been taken advantage of by some (Tivo!), but overall it's been a good choice.
Had Linux been BSD, or MIT, I just don't think it would be as big or successful as it has been, and so widely contributed to by many competing companies. The BSD and MIT licenses lend themselves to widespread adoption and use without fear of any copyright repercussion. However nothing in them prevents companies from taking the code they want for their own proprietary purposes, never to release it back to the community for mutual benefit.
I am not saying Redux should not be MIT -licensed. I'm just saying their criticism of Linux using the GPL is debatable.
Hum... Writing an entire operating system in an immature language made by people who apparently only understand javascript and the "web way" of developing things... What can go wrong?
Religion: The greatest weapon of mass destruction of all time
systemd is all about reinventing past mistakes and bringing them into the present in an entirely new way.
Unics, Unix, UNIX, unix, posix, bsd, linux, minix, plan9, etc. They all come from the same basic design philosophy, and it is a very good starting point, simple, clean, wonderful.
Then you want applications to run on it. Then you get performance issues. Then you get security issues. Then you get new types of peripherals. Then you get new types of processors and memory architectures. Then it shrinks to be a raspberry PI, then it grows to be massively parallel and fill a room.
After all that, tell me again about what mistakes you are not going to make.
Heartbleed is a really bad example of what's wrong with C as a development language. If the developers had used C's safety features, Heartbleed, while still a bug, would not have been a problem. Substitute "calloc" calls for "malloc" calls and there's no problem.
Heartbleed is an excellent example of what can go wrong when the developers abandon all thought of safety measures, preferring to make everything run as fast as possible at the expense of safety in security-related software. While there are things wrong with C, Heartbleed wasn't one of them.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
we will not replicate the mistakes made by others
Nope, you'll just brand new mistakes of your own!
systemd is Roko's Basilisk.
The userspace, sure. The kernel? How do you intend to access hardware without using a pointer-type that could (if used incorrectly) crash the kernel? And how are you going to program those drivers etc. BETTER than the Linux people who - if they don't use their pointers correctly - will crash the kernel too.
The userspace can surely benefit from a complete rewrite, but I'm not at all sure what kind of investment in time it would be to rewrite the vast swathes of existing software to be "Redox" compatible, or what would benefit from it. If you're going to do this for security reasons, you can't have unsafe raw pointers, which Rust supports but again "You're on your own, I hope you manage them properly" is the mantra there.
But a kernel? Or even a set of drivers? Love to see how you're going to get close to that, even if you just convert the existing code and abstract out the memory references.
I wish I still was of that beautiful age where you think that technological superiority and general betterness means anything in the real world :(
While I generally like the idea of new people coming up with new projects and hacking away, the linked documentation reads like flamebait and doesn't have much in the way of substance. Some of their contentions are rather strange. For example,
There are numerous other OS's, kernels, whatever that lack for contributors, and are in desperate need of more coders. Many times, this is for a good reason. Failures in management, a lack of money, inspiration, or innovation, or a limited set of applications have all caused projects to dwindle and eventually fail. ...
Take Linux for example:
Ok, let me stop you there. Linux is not a perfect project by any means, but you can hardly say that it is mismanaged, uninspired, or lacking in innovation or money. It had 4000 contributors over about a 1 year period, and 12,000 over a 10 year period. It runs on everything from embedded systems to big iron mainframes and balances the often conflicting needs pretty well, in my opinion. Of all the things you can say about Linux, it does not lack in number of contributors or vitality of the project.
Legacy until infinity: Old syscalls stay around forever, drivers for long-unbuyable hardware stay in the kernel as a mandatory part.
Uh, yes. Because, shocking I know, quite a bit of hardware out there still depends on that code. And anyway, as long as somebody is there to maintain it, who cares if it is old. Admittedly, there is some cruft in the kernel. It's an old project, so I think it is natural to expect that. But at the same time there are people working on it and trying to keep the codebase modern.
While they can be disabled, running them in kernel space is essentially unnecessary, and is, by far, the biggest source of system crashes, security issues, and unexpected bugs.
I'll need a citation for that one. I won't dispute that old code has occasionally caused bugs and crashes, but the statement is hyperbole. The majority of crashes on Linux distributions have nothing to do with the kernel at all. Of the ones that do, it usually has something to do with the binary blobs used to run graphical hardware, which is certainly not old code.
Huge codebase: To contribute, you must find a place to fit in to nearly 25 million lines of code, in just the kernel. This is due to Linux's monolithic architecture.
Hurray, this useless debate continues. I'll tell you what. Show me a working performant microkernel (no, XNU is not a microkernel) and I'll concede you have a point. Until then, it is just useless chatter. As to their point, just because the kernel architecture is monolithic doesn't mean the codebase isn't organized. One can in fact easily work on something like a filesystem without touching the network code, for example. Linux has had separate subsystems maintainers since at least 2003.
Restrictive license: Linux is licensed under GPL2. More on this in Why MIT?.
Non-sequitur to say the least. While commonly debated on Slashdot, really doesn't contribute anything useful to the discussion.
Lack of memory safety: Linux has had numerous issues with memory safety throughout time. C is a fine language, but for such a security critical system, C doesn't fit.
This is really the only interesting thing they have said, but not a lot of detail on what they mean other than that they think the whole kernel should be reimplemented in Rust. Well, let's see how that goes. Check back in what, 5 years?
Compared to BSD, Linux is completely frontal-lobe-missing, in every imaginable way. The code base is one big, ugly hack, and the design is bad
Theo de Raadt, is that you?
You know, there comes a time when you develop software for a living that "do your fucking job" becomes a real thing.
If you have the luxury of pursuing ideological purity in software, congratulations, either your mom is really understanding, or you have a tenured position and nobody is relying on you for anything real. But in the real world, that level of bullshit onanism and self congratulatory crap is something nobody has time for.
That guy who refuses to write the stuff he's being paid to write because it lacks sufficient ideological purity, and instead endless refactors stuff which already works? That guy is asking to get canned because he thinks his job is an outlet for his political agenda. That guy sitting in his basement doing the same thing? Well, he's entitled to do whatever the hell he wants, no matter how detached from reality he is.
Oh, now that's some fucking rewriting of history. Someone didn't take some pure fucking temple of computer science and "dumb down/cheap down" by using UNIX and C ... someone solved actual real damned problems decades before whiny punks like you come along and whine about your elegance and theoretical perfection.
Go ahead, pursue ideological perfection as a goal. But do it on your own time, and don't expect the rest of the world to do anything but roll their eyes at you -- because you're so far detached from actual reality as to be laughable and irrelevant.
Sitting around saying how the rest of the world has done it wrong and your toy nobody will ever use will be so much more better and perfect? Well, put up or shut up, but don't expect applause or interest based on your own level of smug -- that's your damned problem.
Because the smugness does nothing at all to make anybody think you're anything but a whiny little prat who hasn't actually been exposed to reality.
But in my direct experience, the people who go on the loudest about the theoretical and ideological purity of software are the ones who have delivered the least working software in the room -- right up to several people who couldn't deliver the stuff they were being paid to because they were so focused on trivia they failed to do their jobs.
And those people usually delivered badly written, brittle code which was so 'elegant' as to be a useless pile of shit.
Lost at C:>. Found at C.
Unfortunately, your assumptions only apply when memory-mapped hardware is not involved. In other words, when the code in question isn't a device driver. Once it is, you have the potential to bus-fault when you mis-program the hardware and it fails to respond to your mapped reference, wild DMAs to any address can happen due to incorrect programming, etc.
Bruce Perens.
apk?
The "freedom" of the MIT license is the freedom to deny others access to source code. ReDox claims that they aren't worried about someone adding proprietary code because it would, by definition, have to be an improvement in order to be successful. Yes, except Windows is successful without being an improvement on Linux. How did that happen? It happens because people become dependent on a particular feature, a particular standard Over time that may become inferior but because it's now proprietary, it can't be improved without violating copyright.
So why not use GPL? ReDox never really answers that obvious question. If the ReDox folks have a great idea, just implement it in the GPL and then everyone can enjoy that great idea. But what they really want is for many people to donate their code so they can then make a profit off it. And that's why the GPL wins over time.
Also, note that the attack on the GPL specifically focuses on libraries. But in general Linux libraries are covered under the LGPL and not the GPL. So ReDox is setting up a straw man argument. If libraries are a problem, then compare your license to the LGPL.
"He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
That is one big pile of shit.
It seems to work for a lot of situations.
Time to offend someone
The Rust community criticizes C++ in exactly the same way.
They go on and on and on about how much better and safer than C++ that Rust is.
But the reality appears to be so much different.
They conveniently ignore that the safety of Rust depends fully on the Rust implementation working properly. Yet the Rust implementation is full of bugs!
Rust supporters will point out that GCC and Clang/LLVM have bugs, too, but they fail to realize that both of those systems are absolutely massive compared to Rust's implementation!
Rust's implementation is basically just a front end and a standard library for a single language. GCC and Clang/LLVM both include support for numerous programming languages, along with the more generic compiler backend systems.
Then there's the whole issue with the Rust implementation being the only Rust implementation. It's not like C++, which has numerous production-ready implementations from different projects/vendors available for use.
If the Rust implementation has a bug, you're fucked. If GCC's C++ compiler has a bug, you can at least try Clang, or the compilers from Intel, Microsoft, and others.
The Rust implementation also depends very heavily on C++ since it uses LLVM, and since its standard library calls out to C code.
Then there's the problem with Rust's semantics actually being far more awkward to use properly than C++'s are, and C++ isn't exactly an easy language to learn and use.
On top of that, Rust's standard library actually makes C++'s standard library look good, and C++'s standard library is often seen as very lacking.
And beyond even that, we find that the Rust supporters conveniently ignore how modern C++ techniques render moot so many of Rust's supposed advantages and safety.
C++ has proven itself many times over. UNIX, BSD and Linux have proven themselves many times over. Rust? It has given us nothing but extreme levels of hype, with very little to show.