Microsoft Built Its Own Custom Linux Kernel For Its New IoT Service (techcrunch.com)
At a small press event in San Francisco, Microsoft today announced the launch of a secure end-to-end IoT product that focuses on microcontroller-based devices -- the kind of devices that use tiny and relatively low-powered microcontrollers (MCUs) for basic control or connectivity features. TechCrunch reports: At the core of Azure Sphere is a new class of certified MCUs. As Microsoft president and chief legal officer Brad Smith stressed in today's announcement, Microsoft will license these new Azure Sphere chips for free, in hopes to jump-start the Azure Sphere ecosystem. Because it's hard to secure a device you can't update or get telemetry from, it's no surprise that these devices will feature built-in connectivity. And with that connectivity, these devices can also connect to the Azure Sphere Security Service in the cloud. For the first time ever, Microsoft is launching a custom Linux kernel and distribution: the Azure Sphere OS. It's an update to the kind of real-time operating systems that today's MCUs often use.
Why use Linux? "With Azure Sphere, Microsoft is addressing an entirely new class of IoT devices, the MCU," Rob Lefferts, Microsoft's partner director for Windows enterprise and security told me at the event. "Windows IoT runs on microprocessor units (MPUs) which have at least 100x the power of the MCU. The Microsoft-secured Linux kernel used in the Azure Sphere IoT OS is shared under an OSS license so that silicon partners can rapidly enable new silicon innovations." And those partners are also very comfortable with taking an open-source release and integrating that with their products. To get the process started, MediaTek is producing the first set of these new MCUs. These are low-powered, single-core ARM-A7 systems that run at 500MHz and include WiFi connectivity as well as a number of other I/O options.
Microcontrollers on the Internet, talking to your network via someone else's (Microsoft's) computer. Secure? Laughable.
The only way I'd use most "IoT" devices is if they were able to talk directly to my devices, ideally using IPv6 and strong encryption. Let's roll out IPv6, have enough addresses for every device on Earth and maybe on the Moon too, and cut out the need for "cloud" middlemen spying on everything.
So Microsoft released a custom kernel because the kernel maintainers wouldn't accept a second rate, poorly written patch set?
How will they track upstream changes?
"Microsoft-secured Linux kernel."
I don't have the space to list all the things wrong with that phrase.
Yawn ...
It would be interesting to see one of these Marvel SOC's with a Raspberry Pi (or maybe even Arduino) compatible footprint. Embrace/Extend/Extinguish aside there is a chance that this could provide an end point solution that is cheap enough to do IOT at scale, and secure enough to make it worth using.
Microsoft have been doing a lot to provide an environment, toolset and assemblies to build full stack solutions, and a practical (forget Edison) end device with the ability to integrate existing peripherals would be very interesting
Seriously, an A7 and Linux for an IoT thermostat or glass break sensor? Linux is wonderful and all for servers and even little routers, but real IoT devices live on a dirt cheap processor in a few kbytes, not Mbytes or GBytes and last for a year on a single battery. FreeRTOS that just received support from Amazon is a likely solution for IoT. A survey by EE Times suggests that new embedded projects are adopting FreeRTOS at a slightly higher rate for new products than even Linux (page 63) while embedded Linux still has a small lead for existing projects. I'll bet this pig ships with mono and C# built into it and that is why they are pushing Linux.
Bullshit. You know you would buy one of these.
great, juuuuuuuust great.
now when I need to search for a random Linux issue it's going to be mixed up with their shit. fuck this.
Is just a curiosity. No insinuation of any ulterior motives or evildoing whatsoever. Since BSD (and MIT and Apache) licenses are more Microsoft's cup of tea.
I get it that Linux has more driver support for hardware, but then again, this is Microsoft's semi-custom silicon, so they have a modicum of control over the hardware specs and therefore, the drivers.
Is something inherent in the Linux kernel (like the near-real-time patches)? Perhaps better support for containers? More familiarity with the code-base from MS developers? The availability of MS Cross-development tools for Linux?
Whatever the rationale was, I'd love to know it...
They will make a pretty penny selling Azure cloud services (or selling azure datacenter licenses for companies which want/have to roll their own cloud).
*** Good luck to everyone and have a nice day!
"Linux is worse than cancer"
-- Steve Ballmer
Microsoft producing a Linux OS that it will distribute and maintain is amazing! Microsoft has been infected with the Linux cancer. Linux world domination?
Wouldn't buy this kind of junk if it were free.
Microsoft finally admits that they cannot write a compact efficient kernel and must rip off someone else's homework.
This is an operating system company that just admitted that all of their previous attempts at a stripped down operating system were crap and they cannot re-use any of their code to come up with their own product. WinCE, their phone operating system, all of it, crap and utterly useless. What is going to make anyone feel secure that they can maintain this operating system if they couldn't create it for themselves given all of the institutional knowledge they should have working on operating systems for the past 30-40 years?
Is this the "Embrace" or "Extend" step in the sequence?
It must have been something you assimilated. . . .
Maybe they're doing some extra power management?
"Windows IoT runs on microprocessor units (MPUs) which have at least 100x the power of the MCU....These are low-powered, single-core ARM-A7 systems that run at 500MHz and include WiFi connectivity as well as a number of other I/O options."
If these 'low powered' chips are too weak for Windows to run on, then Windows has a bloat problem.
"First they came for the slanderers and i said nothing."
So this is Microsoft's take on owning a common IoT platform.
Basically a SoC with a secure enclave like a TPM. Since there is no embedded de facto standard for stuff like that, this is their attempt at seizing the reins.
Which is funny, as this also reflects a similar situation in the android world, since there is no core common bootloader/TPM/secure enclave that could unify the ecosystem the same way PC A/T and BIOS did.
Amazon has their IoT RTOS, but no full SoC tied to AWS IoT core. ARM tried with their mbed platform, but that doesn't have the platform chops to get people to ride with them. The fact that Azure Sphere seems to be a turnkey full platform with end-to-end management fits with their cloud customer handholding philosophy, rather than AWS' throwing out simple core services that system integrators need to build wrappers around.
it's hard to secure a device you can't update or get telemetry from,
This is completely wrong. Let's ignore the fact that it's hard to secure a device that needs updates ( the best way to acquire confidence that a program has no errors is never to find the first one, no matter how much it is tested and used. -HD Mills).
The real lie here is that getting telemetry from a device is not because they want to make it more secure.
"First they came for the slanderers and i said nothing."
They seem to think that "Microsoft-secured" is a selling point, so they're clearly not paying attention to the world outside their bubble. There are probably Microsoft managers who honestly believe that their little also-ran ARM microcontroller platform that's been done a dozen times before is an innovative new thing. A lot of their devoted customers too, probably.
Umm ... all the IoT projects I work on run for > 1 year off a 'coin' cell - average 50uA max - sleep sub 1uA.
Fuuuuuuuuuuuuuuuck!!!!!!!
The only reason I can think of to use your own kernel fork is because you can power optimize it.
For example, if you know your device only checks in every second and you only need .5 second resolution for your sensor then you can put your system to sleep and use an interrupt line attached to your sensor to wake everything up. Then you can run as much CPU as you need to fire up the radio, send the packet, and shut off.
At that point you can also make your system 'almost realtime' by using the transmission window to receive data/commands/etc.
Do you really need something running at 500 MHz? I mean damn, how much stuff do you expect to come off the wire?
if it was free; because the answer is knowable.
subjunctive is only used on a hypothetical whose answer is unknowable.
I recall towards the end of the days when directv CAMs were easy to hack to get free TV, some guy in a major forum of the time (don't recall which one) was expressing anger at directv so much that he said he would never pay for directv, and then later stressed that he wouldn't even take it if it was free. The irony wasn't lost that the mere fact that he was there to begin with was to get directv's service for free.
How does it work? Do you need to use some Indian COM object to call basic functions?
Does all the code look like
Using NamedSpaces Prajeet.Sangupta.Dindar.Bhangra
#BEGIN IDL_TEMPLATE
WindowsUpdater.Yes.Thankyou.Shutdown[ callTo.Shutdown()<Typeof TypeType> ]
I was under the impression that microcontrollers are generally thought to be the kind of CPU that is too small to (comfortably) run Linux because they don't have an MMU. Blackfin is one of the exceptions, but as I read yesterday, support for Blackfin has been removed from 4.17. Running Linux on microcontrollers usually fails because of the little internal memory and the lack of an interface for external RAM.
If Windows IoT targets CPUs that have 100x the power of a 500 MHz A7, then it is a failed product.
After kicking all of the other kids out of its sandbox and not letting them play, all the other kids got together and built their own sandbox. Now Microsoft wants to play in their sandbox because all the other kids are having such a good time. I wonder how long it will take for Microsoft to kick all the other kids out of the sandbox this time?
And the moral of the story:
Halfway across the river the scorpion stung the frog and as they were drowning the frog said "Why???" to which the scorpion replied "It's in my nature".
My ism, it's full of beliefs.
Step right up government agency, how many chicken records would you like..
How many entities buy all that data? Who are monitoring your children?
Linux is much, much more well-known than any of the BSDs. Each has their own *technical* merits, but from a *business* perspective, they probably want to sell something that many people will want. Far more people have a favorable view of Linux than the total number of people who have *heard* of the BSDs.
It's a Microsoft product so you are guaranteed that it will be discontinued and orphaned long before hackers decide it's worth the effort to attack.
> It seems that Microsoft has moved on since those days.
It seems that their propaganda is working on you.
C'mon. Think. Think a bit harder. Microsoft's business model hinges on making their customers dependent. Free software, OTOH, thrives on making customers/users free.
This doesn't mix well.
Meanwhile back in 2002 from What's the Business Case for Microsoft and Open Source?
MS does BSODs, not BSDs
aaaaaaa
No, you're wrong.
In real life, encryption software is extremely complex, and flaws in complex shipped software are found regularly. Your quote is irrelevant, because error-free software of any meaningful complexity does not exist, and so if you ship software that you can't update, a flaw in it will be found eventually, and whatever encryption it contains will be broken.
Oh, I'm sorry, you write shitty code and now you are trying to justify the pile of shit that it is. Let me guess, your bug tracker has an ever increasing bug count, and you have some excuse for that too? If you even have a bug tracker.
"First they came for the slanderers and i said nothing."
Shitty smelly parasites hindu-chimps at shitty Monkeyshit Corp want you to train your H1B replacement.
Just because the AmeriCrap(TM) is overly complex and bug-ridden does NOT mean you cannot create bug-free software.
OpenSSL and SSL/TLS in general is a huge clusterfuck of complexity, exactly as NSA-GCHQ wants it to be. It means they can always find an exploit and siphon off the keys. 500k loc and more....
But it does not have to be like this. Less than 2000 lines of code are sufficient if you use the old-school method of "pre-shared-keys". 2k loc can be inspected and bug-free. You get all the security features (confidentiality, replay attack defence, authenticity, obfuscation of identical messages...)of SSL/TLS, without the clusterfuck.
Plus you might have a look at L4 OS and the CompCert compiler.
If NSA can get your keys, you betcha the Russians, Israel and some more players (NK,...) can do so, too.
It will take a few months or even years to discover how MSFT screwed the Linux kernel for their friends in Maryland.
Now build a desktop & a browser for Windows IoT...and a native C# compiler (IDE)...and we will enjoy it on the RPi.
What if your iot product secured its communication using open ssl? And then all that shit from last year happens. Now what?
Please don't tell me you're the only person on earth who can write error free code every time the first time.
There are lots of powerful IoT platforms already out there with sometimes massive user bases.
E.g.
* Raspberry PI - full fledged Linux platform with USB, ethernet, HDMI and GPIO pins. You can quickly build your own sensor/actor system with that platform, if you can code in C. Easy to connect to any cloud/or not server by means of your own TCP protocol.
* ESP8266 (and followers) - super cheap Chinese controller with Wifi and TCP Stack. Easy to connect sensors by means of SPI or A/D converter. Or GPIO. Is programmed in C.
* Arduino - if you need hard realtime and simplicity this is the way to go. Comes in lots of flavors, some of which can even do things like Ethernet.
In other words: No need for Microsoft in this space. Also, these platforms are already well-entrenched with millions in use.
Nobody who knows anything about security would allow anything like this near his network. Let alone spend money on it.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Ah...no....now go wash your mouth out with soap.
"Windows IoT runs on microprocessor units (MPUs) which have at least 100x the power of the MCU.
Read: We're using Linux because even the lightest version of Windows is far too bloated to run on MCU devices.
Competition Good, Monopoly Bad.
Given that Microsoft and Mediatek are partners, I'm not sure this will be as open as it is led to be.
"Forget the engineers." -Carly Fiorina, briber of MIT Technology Review.
This one is Microsoft secured. It goes to 11.
"First they ignore you, then they laugh at you, then they fight you, then you win."
(By Eric Raymond, speaking of open source, and quoting Gandhi.)
Circle the wagons and fire inward. Entropy increases without bounds.
If any of the software that Microsoft is redistributing is licensed under the terms of GPL3...
Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
That would mean that Microsoft and its shills (as determined through discovery) can no longer use patents to sue any vendor using the same software.
Of what possible relevance is a slashdot post from 16 years ago to today? It's worthless.
Microsoft's bottom line is the bottom line reason for its open source adoption. When Ballmer ran the show with the anti-Linux posture, MS shares lost 40% of their value. When Ballmer resigned and Nadella took over and took a Linux friendly position, MS shares added 50% more value. Azure is second to Amazon AWS in adoption and is growing. MS is making money with Linux and open source products in the cloud market.
Those totally came from reliable sites ... oh, and even if your Linux distribution supports repository and package signing ... look up how the key servers are managed. I did. The key servers and master key management themselves are done by community servers and their admins. Which you can become too. And then inject fun stuff.
(I'm a Linux user, and don't even have Windows installed anymore. Mainly because I honestly don't know which Windows to install. Not because I would never use it. 10 is a nightmare because of the "telemetry" and the forced updates, 7 gets no real security updates anymore, and 8's UI is a joke worse than XP.)
I can't think of a sensible case where such a device wouldn't be near a power cable.
Control for anything electrical already requires a power line.
And frankly, I've already had it with these motherfucking batteries! They have zero advantage, for the cost of having to replace one more fucking battery every n time units. Cabled or GTFO!
He could have been there for an Echostar hack.
I was wondering whether or not you'd be interested in applying for a job here? All of the developers we have, and they number in the hundreds, appear unable to write code without also introducing bugs, and that's despite the fact that we review a lot of it, and have unit and automated tests.
We've spent a lot of time trying to understand exactly why human beings, when tasked with writing a series of instructions for unthinking machines, appear incapable of doing so without doing so wrongly. Worse, they don't appear to be able to predict a future in which previously unimagined software flaws are taken advantage of. Some of them didn't even foresee the cache-based attacks that leak kernel memory. Honestly, if I had my way, I'd fire the lot of them, and just get you to write everything. We'd probably have to pay you their combined salary anyway, since you never write bugs, making you an extremely valuable human being.
Or, alternatively, you're just a troll/dickhead. It's difficult to tell from your comments.
Of course we don't have a bug tracker, we just write them down on this piece of paper I have here. It's just under this cup, next to the toy car.
Of course we don't have a bug tracker, we just write them down on this piece of paper I have here.
And it has an ever increasing bug count. That's exactly why I don't want to work there.
Look, here is a procedure for you to get things cleaned up. You can choose to ignore it but that is your choice. Three steps:
1) Allocate time to fix new bugs as soon as they are reported.
2) Over time, empty the bug tracker until the bug count hits zero.
3) The focus on bugs will improve your skill and programming speed, bugs will be rarer and rarer.
"First they came for the slanderers and i said nothing."
Definitely trolling. No one writes perfect code, but I do see magnitudes difference among different people in both bugs per LOC and performance. Noticing bugs is the first battle. Too many times to count, I've had to dig into someone's code for one reason or another, and I many times will find several bugs, many times critical. And many times this code has gone through several rounds of QA and code review over several months. Maybe I'm not the best to compare against, my co-worker says I have a super human attention to detail.
I've got 8 year old code that is still running in production that I wrote several months after graduation when I got my first job and I had 2 weeks of programming experience. It was my first project in the real world. I was to fix some bugs that several senior programmers could not fix over several months. I re-wrote the entire ~5kloc program in ~2kloc, made it multi-threaded and wrote my own lock free data structures and algorithms. Over the past 8 years, only 2 bugs have ever been reported, both related to the threading, and both fixed without debugging.
Then there's some other programmers that have been programming for 10+ years and manage to write a simple 200loc application that manages to have 20+ bugs discovered over several months in prod, runs slowly, and somehow manages to gobble memory.
I rarely use the debugger. On numerous occasions, I've had co-workers come to me after days of debugging and a group of people trying to figure it out, and all I do is ask questions like what is responsible for X feature, show me the code so we can see what it guarantees, what guarantees do we have about the data inputs, etc. And just reading the code, walking through it with the other programmers, not only will I find the bug without ever running the code, but many times they independently notice the bug before I get to say anything. I know they're capable, seeing that they many times come to the same conclusions as me when presented with the same data, but for whatever reason they don't ask the questions I ask. They look at their code and say "what could it be", while I look at the code and say "what can't it be".
I look for guarantees in code and I use those guarantees to narrow it down. Single point of responsibility is another aspect that I heavily rely upon. If I can logically assert the state has certain guarantees at certain points in the code, there are only so many places for the bug, or any bug for that matter, to hide.
https://en.wikipedia.org/wiki/...
Casteism