[cap-talk] Why aren't safer OS being used

[Ben Kloosterman]

Even in the Eighties I found this. We were running DOS apps in a Multi User
Os we developed.  Unusual behaviour that did not replicate some esoteric
feature had to be modified to match , I don't think there are many managers
that will not insist on this. Even open source is the same Wine is matching
windows bug for bug.  Apple with the MacOS support in OSX had lots of issues
etc

I think most companies are giving up on this and are using a VM and hide the
fact its running in a VM from the user eg WindowsXP enhanced backwards
compatibility in Windows 7 .


>. IMHO, people who demand bug for bug
>compatibility and new features are living in a fantasy world where they
>don't have to do their homework and make choices.

I don't think this is fair the last company I worked for ( about 5000
employees) had 900 off the shelf Application , and an additional 600 or so
they wrote themselves. For many of these applications the company that made
them will have no interest in recompiling them and in some cases the company
no longer existed, for the in house applications many were written by
developers who have left ,in languages that are out of date and to even
recompile them would be a major expense. These applications were important
to the business and the desktop environment what people expected was any
application would run on any desktop ( via an app launcher) . Generally in
house applications apart from a few critical ones were not maintained.

If you want to create a generic desktop OS then you will either need bug
level compatibility or invisible virtualization support.  For app servers if
you can support .NET or Java ( bug for bug) you have an easy market
otherwise , you could only convince some critical single app server sites to
recompile (only if they need high security) .
Hand held's are an open market atm but with things like iApps its rapidly
beginning to look like the desktop market but even more proprietary as each
of the 3 main players have a single development environment ( IApps ,
Windows Mobile and RIM) . Else you are limited to a niche (defence ,
security ) .

For smaller systems the benefits in terms of reliability / security is not
as great .  It is particularly these application with heavy user interaction
running multiple applications that have the most security issues ( Internet
linked , key loggers etc) 

I think it's worth considering Linux here because it's not bug for bug
compatible with Windows and has never penetrated Apple didn't really succeed
till Office/IE was released for it . 

My question is who will you take Market share from with a Capability OS and
how will you fight there negative comments ? A good example is Linux .

You could try running a secure capability based Java  and .NET Mono VM on
existing platforms , this will especially help the app server market where
even if you convince Management and the devs you have a serious issue
overcoming Infra structure people's desire to run a single system especially
a new system with no skills in the market place. 

These modern APIS have far less bugs you can improve security since 

You can reduce Ambient authority from the user to the application eg
specifying what capabilities the app or VM has .
You can introduce new capability APIs which work well with .NET /Java . The
developers will use these over time for newer applications . 
Also .NET and Javas security APIs are terrible. 

After a few years they would consider a move to a capability OS . 

The other option is to convince Apple , MS , RIM or Nokia  to develop a
Capability OS as they have the resources to convert Office , a Browser , DB
server , Web server , File Server , Mail Server   etc to a professional
quality capability application and can persuade the market to change. ( Note
it's a lot cheaper writing a desktop capability version of something like
Office then a Web 2.0 version) 
 
Regards, 

Ben