One of his dumber takes. Virtualization replaces an ultra-functional general-purpose kernel evolved over decades to support every conceivable application with a drastically smaller "kernel" (KVM and the userland hypervisor). It's a drastic attack surface reduction, and the empirical data bears that out: kernel LPEs aren't even newsworthy (there's whole repos full of unnamed, unremarked-upon LPEs), and KVM escapes are very rare.
Doesn't that message date back to a time that either predates or is almost concurrent with the introduction of x86 hardware-assisted virtualization? I wasn't around playing with VMs back then, but I'm not sure that the track record of x86 virtualization 20 years ago was that great.
It does, but that's an argument about implementations, and his comment is an argument about design. Just read it again and see if you think it's reasonable. Pay attention to the tone and (especially) the conclusory certainty he deploys.
I'm anti virtualization, but mostly due to the internal complexities of the guest applications being swept under the rug, it's undeniable that the host is protected and thus neighbouring guests (of course it is with almost 20 years of hindsight I can say this.)
That the hypervisor is effectively an operating system/kernel I have always held, and that it is a smaller and thus less vulnerable kernel is an appropriate explication I think. It's very hard to secure an all purpose kernel like Linux without actually building it yourself (and even then..)
Thanks for sharing the forbes link. From the link:
"De Raadt says BSD could have become the world's most popular open source operating system, except that a lawsuit over BSD scared away developers, who went off to work on Linux and stayed there even after BSD was deemed legal."
There is some truth to that. And who knows where BSDs might have been if the lawsuit never happened.
However, I think Linux has always has and till today has better leadership, and management compared to OpenBSD.
I also think GPLv2 was another good that happened to Linux. It just creates an irresistible force to contribute back. With *BSD, a company might contribute back or it may not.
Ha! That’s some rose colored glasses viewing of BSD history.
The lawsuit didn’t help. But, the BSD developers shot themselves in the foot when they refused to support x86, referring to it as a “toy”.
It was until Linux came along and started eating up all of BSDs user base that they freaked out and decided x86 support might be a good idea. But by then it was too late.
It's hard to blame OpenBSD's management when there are three other BSDs. You didn't have to work with Theo de Raadt to work on BSD. But while the lawsuit may have been the catalyst, the game was really over when GNOME took off. BSD was sort of an equal target under KDE, but GNOME prioritized Linux pretty hard and had a lot of fans. At that point pretty much everyone making interesting desktop stuff went to Linux and never looked back. Which is not solely a license issue; you can definitely release GPL software for FreeBSD, but the "license war" culture (to the extent it really existed) may have been an issue.
And I guess I do think that FreeBSD had a saner organization pattern than the sort of haphazard ecosystem of projects that grew up around GNU and Linux. Maybe the chaos was necessary for growth, but it still seems to be a hurdle for new Linux users in the current day.
I mean, Torvalds has called basically every person on earth an asshole at some point, hasn’t he? He’s the opposite of being sparing with critisicism, and frankly has historically often used his bully pulpit to do it.
I like Theo and the old Torvalds way better than I like most people. Too bad Torvalds allowed the Perpetually Offended Brigade to shame him into an apology tour. He did nothing wrong.
EDIT:
Since I am posting waaaaaayyyyy too fast for HN's Commodore 64 to keep up with, here is my inlined response to tverbeure below:
> There are many extremely competent engineers who can’t deal with the idea of exposing themselves to public humiliation.
I don't classify thin skinned snowflakes who do stupid things that get them screamed at by Linus, and then are butthurt about it for years, as being "extremely competent."
Imagine going through military basic training, getting screamed at by a drill instructor, and being scarred for life by that. Weak.
> Personally I believe being an asshole to people is doing something wrong.
You mean like downvoting and censoring posts because you don't like them, also blocking the victim from further participation in the discussion because he's now "posting too fast"? Yes, that is truly asshole behavior. I'm waiting patiently for HN's apology tour.
There are many extremely competent engineers who can’t deal with the idea of exposing themselves to public humiliation. That’s especially true in today’s environment where these kind of bully rants have become a spectacle for outsiders. Just google the name of the person who was the subject to one of Linus’ rants about a year ago. Despite being a very accomplished figure in the RISC-V world, top results for his name are links to Linus calling him an idiot. That’s a mark he will have for life. I would die of embarrassment.
It’s perfectly possible to critique without being a bully.
What Theo and Linus are doing wrong is scaring away a large pool of potential contributors who don’t want to take that risk.
The tour came to your post and downvoted you from the looks of it. I'll copypaste your post just to prove you're actually right and deserve visibility:
"I like Theo and the old Torvalds way better than I like most people. Too bad Torvalds allowed the Perpetually Offended Brigade to shame him into an apology tour. He did nothing wrong.
EDIT:
Since I am posting waaaaaayyyyy too fast for HN's Commodore 64 to keep up with, here is my inlined response to tverbeure below:
> There are many extremely competent engineers who can’t deal with the idea of exposing themselves to public humiliation.
I don't classify thin skinned snowflakes who do stupid things that get them screamed at by Linus, and then are butthurt about it for years, as being "extremely competent."
Imagine going through military basic training, getting screamed at by a drill instructor, and being scarred for life by that. Weak.
> Personally I believe being an asshole to people is doing something wrong.
You mean like downvoting and censoring posts because you don't like them, also blocking the victim from further participation in the discussion because he's now "posting too fast"? Yes, that is truly asshole behavior. I'm waiting patiently for HN's apology tour."
> I don't classify thin skinned snowflakes who do stupid things that get them screamed at by Linus, and then are butthurt about it for years, as being "extremely competent."
There is no reason to believe that there is a causation between being a “thin skinned snowflake” and being competent.
> A
simple tool was presented, iofuzz, that exposes exploitable
security flaws in most, if not all, virtual machines available
today. To the knowledge of the author, no similar research has
been conducted before. The results produced by crashme, a
tool well known for over a decade, locating trivial flaws dem-
onstrates this.
No virtual machine tested was robust enough to withstand
the testing procedure used, and multiple exploitable flaws
were presented that could allow an attacker restricted to a vir-
tualised environment to reliably escape onto the host system.
The results obtained demonstrate the need for further
research into virtualisation security and prove that virtualisa-
tion is no security panacea.
He’s not wrong based on the research at the time. The mistake is presenting this as if it’s something that will be true for all time. Is virtualization a panacea? No. CPU manufacturers can’t even protect against side channel attacks. But it’s completely missing what this provides which is that the difficulty and cost of creating an exploit is higher today than 20 years ago. And it’s amusing to hear someone blasting away at the security of others when BSD has its own share of problems and architectural weaknesses are discovered through popularity of your system being an attack target, not because you’re smarter than everyone else and made better choices (sometimes it can be true in places, but harder to maintain for a big piece of software like an OS)
Even very smart, very accomplished people can be very wrong. Xen is seeing a resurgence from Xen Orchestra and I've used it in my homelab. It's quite pleasant. I also, of course, use de Raadt's software as well.
I think that everyone has the power to be wrong, but to be very wrong with convincing arguments, you must be smart.
A smart person can come up with post-hoc rationalizations that hold up under some scrutiny, to the point it is very hard to convince them otherwise. Add to that people who became famous or successful on the back of "being right" on some subject matter, getting used to "being right even in the face of overwhelming push back", and you have a recipe for very smart people being very wrong in very visible/loud ways.
"My favorite part of the "many eyes" argument is how few bugs
were found by the two eyes of Eric (the originator of the
statement). All the many eyes are apparently attached to a
lot of hands that type lots of words about many eyes, and
never actually audit code." -Theo de Raadt
That the hypervisor is effectively an operating system/kernel I have always held, and that it is a smaller and thus less vulnerable kernel is an appropriate explication I think. It's very hard to secure an all purpose kernel like Linux without actually building it yourself (and even then..)
https://www.forbes.com/2005/06/16/linux-bsd-unix-cz_dl_0616t...
Imagine being so hard you're labelled as "difficult" by no other but Linus Torvalds
"De Raadt says BSD could have become the world's most popular open source operating system, except that a lawsuit over BSD scared away developers, who went off to work on Linux and stayed there even after BSD was deemed legal."
There is some truth to that. And who knows where BSDs might have been if the lawsuit never happened.
However, I think Linux has always has and till today has better leadership, and management compared to OpenBSD.
I also think GPLv2 was another good that happened to Linux. It just creates an irresistible force to contribute back. With *BSD, a company might contribute back or it may not.
The lawsuit didn’t help. But, the BSD developers shot themselves in the foot when they refused to support x86, referring to it as a “toy”.
It was until Linux came along and started eating up all of BSDs user base that they freaked out and decided x86 support might be a good idea. But by then it was too late.
And I guess I do think that FreeBSD had a saner organization pattern than the sort of haphazard ecosystem of projects that grew up around GNU and Linux. Maybe the chaos was necessary for growth, but it still seems to be a hurdle for new Linux users in the current day.
EDIT:
Since I am posting waaaaaayyyyy too fast for HN's Commodore 64 to keep up with, here is my inlined response to tverbeure below:
> There are many extremely competent engineers who can’t deal with the idea of exposing themselves to public humiliation.
I don't classify thin skinned snowflakes who do stupid things that get them screamed at by Linus, and then are butthurt about it for years, as being "extremely competent."
Imagine going through military basic training, getting screamed at by a drill instructor, and being scarred for life by that. Weak.
> Personally I believe being an asshole to people is doing something wrong.
You mean like downvoting and censoring posts because you don't like them, also blocking the victim from further participation in the discussion because he's now "posting too fast"? Yes, that is truly asshole behavior. I'm waiting patiently for HN's apology tour.
It’s perfectly possible to critique without being a bully.
What Theo and Linus are doing wrong is scaring away a large pool of potential contributors who don’t want to take that risk.
"I like Theo and the old Torvalds way better than I like most people. Too bad Torvalds allowed the Perpetually Offended Brigade to shame him into an apology tour. He did nothing wrong. EDIT:
Since I am posting waaaaaayyyyy too fast for HN's Commodore 64 to keep up with, here is my inlined response to tverbeure below:
> There are many extremely competent engineers who can’t deal with the idea of exposing themselves to public humiliation.
I don't classify thin skinned snowflakes who do stupid things that get them screamed at by Linus, and then are butthurt about it for years, as being "extremely competent."
Imagine going through military basic training, getting screamed at by a drill instructor, and being scarred for life by that. Weak.
> Personally I believe being an asshole to people is doing something wrong.
You mean like downvoting and censoring posts because you don't like them, also blocking the victim from further participation in the discussion because he's now "posting too fast"? Yes, that is truly asshole behavior. I'm waiting patiently for HN's apology tour."
There is no reason to believe that there is a causation between being a “thin skinned snowflake” and being competent.
https://taviso.decsystem.org/virtsec.pdf
He’s not wrong based on the research at the time. The mistake is presenting this as if it’s something that will be true for all time. Is virtualization a panacea? No. CPU manufacturers can’t even protect against side channel attacks. But it’s completely missing what this provides which is that the difficulty and cost of creating an exploit is higher today than 20 years ago. And it’s amusing to hear someone blasting away at the security of others when BSD has its own share of problems and architectural weaknesses are discovered through popularity of your system being an attack target, not because you’re smarter than everyone else and made better choices (sometimes it can be true in places, but harder to maintain for a big piece of software like an OS)
A smart person can come up with post-hoc rationalizations that hold up under some scrutiny, to the point it is very hard to convince them otherwise. Add to that people who became famous or successful on the back of "being right" on some subject matter, getting used to "being right even in the face of overwhelming push back", and you have a recipe for very smart people being very wrong in very visible/loud ways.