[tjoff]

I had some issues following along since I didn't know what Genode was. At first I mixed it up with the AMD Geode processor which was quite confusing.

https://genode.org/ has it up front:

We understand the complexity of code and policy as the most fundamental security problem shared by modern general-purpose operating systems. Because of high functional demands and dynamic workloads, however, this complexity cannot be avoided. But it can be organized. Genode is a novel OS architecture that is able to master complexity by applying a strict organizational structure to all software components including device drivers, system services, and applications. The Genode OS framework is an open-source tool kit for building highly secure component-based operating systems. It scales from embedded devices to dynamic general-purpose computing.

keywords: capability-based security, microkernel, principle of least authority, sandboxing, virtualization