zlacker

>>chei0a+(OP)
Probably worth pointing out that the author is the project lead of Qubes, one of the very few promising projects in the vast wasteland of computer security.

>>kragen+j5
Very few? Seriously?

>>kachnu+pl
I think he means there are few operating systems out there that make security the primary goal. Most other options seem to think in terms of "how can we best secure the platform we already have and is used by millions of people without breaking anything".

When that's what you're working with, you're limiting yourself quite a bit in terms of adding new security solutions. At best you'll be at least a decade behind the innovators in security who aren't afraid to build new stuff from scratch and break the old stuff.

>>mtgx+Mz
No, that's not what I mean, and that's not what Qubes is.

Making security the primary goal of your operating system would be nearly as perverse as making swapping the primary goal of your operating system. The primary reason security seems special here is that we do have working swapping in our operating systems, but we don't have working security.

Nevertheless, if you try to add virtual memory to an operating system that was designed without knowledge of how such a thing could work (like nearly all 1960s operating systems) it is going to be pretty rough going! Today, security is where virtual memory was 50 years ago.

Qubes is interesting especially because it doesn't break compatibility with everything else.