Announcement

Collapse
No announcement yet.

Genode OS 21.05 Released With Webcam Support, Encrypted File Vault

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Genode OS 21.05 Released With Webcam Support, Encrypted File Vault

    Phoronix: Genode OS 21.05 Released With Webcam Support, Encrypted File Vault

    Genode OS as the from-scratch open-source operating system framework built atop a micro-kernel abstraction layer and various original user-space components is out with its version 21.05 update...

    https://www.phoronix.com/scan.php?pa...21.05-Released

  • #2
    Is this the OS that is supposed to be more secure than OpenBSD?

    Comment


    • #3
      Originally posted by kylew77 View Post
      Is this the OS that is supposed to be more secure than OpenBSD?
      Not just supposed to be, it is more secure.

      Comment


      • #4
        Wow, I'd never heard of Genode before. But after reading their very well written and concise "General overview" I'm intrigued. Hopefully I'll have enough time to install a Genode VM (if it's possible via KVM) sometime soon and explore it further. Technically I've always preferred the philosophy of a microkernel, but never encountered a system mature enough for daily use. However, even though it doesn't look like Genode is at the daily use stage yet, and its implementation in C++ is concerning, it does appear to at least have potential to become a desktop OS.

        Comment


        • #5
          Originally posted by muncrief View Post
          Wow, I'd never heard of Genode before. But after reading their very well written and concise "General overview" I'm intrigued.
          That's because it's a company with actual customer which means the developpers have to spend time doing boring stuff like making documentation. Their goals for this year also state becoming more popular and attracting new users, so they have worked a bit on usability though it's still quite... technical. For instance, for every app you install, you have to grant it access to the clipboard to read/write to it, display manager to allow it drawing a window, etc.

          However, I personally adore how you can even choose to compile Genode with seL4 as the hypervisor (!!?) and their interest to porting it to the pinephone/Librem 5.

          Originally posted by muncrief View Post
          ...and its implementation in C++ is concerning...
          That was my initial reaction, but from a quick glance at the source code (which is of impeccable quality) and the extensive documentation, they make good use of C++ features.

          Comment


          • #6
            Originally posted by lyamc View Post

            Not just supposed to be, it is more secure.
            I'm sure you have some sources to support this rather bold statement.

            Comment


            • #7
              Originally posted by Vistaus View Post

              I'm sure you have some sources to support this rather bold statement.
              They’ve documented literally everything and designed the entire system to be secure

              Comment


              • #8
                Originally posted by lyamc View Post

                They’ve documented literally everything and designed the entire system to be secure
                I'm not saying it's not secure, I was talking about your statement that it's more secure than BSD. If that's true, then I'm sure there must be an article or two discussing that and I would like to read it because it intrigues me. Just reading some documentation doesn't really tell me how x is more secure than y.

                Comment


                • #9
                  Originally posted by Vistaus View Post

                  I'm not saying it's not secure, I was talking about your statement that it's more secure than BSD. If that's true, then I'm sure there must be an article or two discussing that and I would like to read it because it intrigues me. Just reading some documentation doesn't really tell me how x is more secure than y.
                  OpenBSD cannot reach the same security levels by design, it's using a monolithic kernel. That's not to say that it's not secure, but it means that it can't be any more secure than a microkernel.

                  Comment


                  • #10
                    Originally posted by Vistaus View Post

                    I'm not saying it's not secure, I was talking about your statement that it's more secure than BSD. If that's true, then I'm sure there must be an article or two discussing that and I would like to read it because it intrigues me. Just reading some documentation doesn't really tell me how x is more secure than y.
                    Boot it up and try to install an app. It will require you to manually select every fine grained permission an app can have (including permission to display an image).

                    Also, their default SculptOS images uses NOVA as a hypervisor and can load a fully sandboxed Linux runtime from my understanding. Here's a page from their docs which explains kernel-agnostic sanboxing (because they offer ~5 different kernel to use as hypervisors).

                    Think QubesOS but instead of using Xen which is enormous and has been filled with CVEs, you can use seL4 which is formally verified. Also instead of operating systems being sandboxed, it's applications.

                    To be clear, this is zealous level of security enforcement and heavily affects usability, but I think it's nice seeing an operating system with such a clear and idyllic goal.
                    Last edited by kvuj; 01 June 2021, 08:19 PM.

                    Comment

                    Working...
                    X