Hacker News new | past | comments | ask | show | jobs | submit login

And of all the security issues exploited out there, how many have to do with the kernel?

If some crappy javascript library leaks customers secrets for an online shop, where exactly is the OS kernel at fault?

If the CEO's secretary gets convinced to wire $1M to an oversees account because somebody made them believe it's the boss requesting it, then how would a verified microkernel have helped?

> The Linux CVE database was recently analyzed and it was determined that 96% of the vulnerabilities would be mitigated to at least non-critical status, if not completely eliminated, if linux were a microkernel architecture.

In a fair comparison you need to consider the CVEs that a microkernel would suffer which had been eliminated with a monolithical kernel.

Oh but it's verified, you say? Then the fair comparison is a verified monokernel vs a verified microkernel.

Apples and oranges.




Do verified monokernels exist?

You can say that a comparison is unfair, but what matters is the end result of "which system ends up with the fewest vulnerabilities if/when it becomes widely used", and a formally verified microkernel seems like a strong bet on that front.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: