[OldGoodNewBad]

I used BeOS as my main OS for something like two years back in the day, and recently I tried out Haiku. It’s quite stable and has a modern browser, emacs, and our favorite compiler. It’s also so alien that I doubt there are exploits around for it.

[tialaramex]

It's scarcely necessary to "exploit" an operating system which essentially lacks any security model. If you are code running on Haiku, you have better than superuser privileges. Such code can (while the mere user cannot) do stuff like alter the internals of "read-only" system software, blow up the operating system internals or scribble all over the raw disk.

Back in the day Haiku didn't do the hostname check in its TLS code. Browser, command line tools, package updates, everything just ignored hostnames - so it would have apparently secure HTTPS fetches, but under the hood if you can interpose and hand Haiku a certificate you got for say your personal blog from Let's Encrypt, that checks out fine even though the name doesn't match - so you could impersonate Haiku's update servers. They did, after many years, fix that particular issue, but lots of similar bugs remain, you're primarily hoping nobody tries anything.

[AnIdiotOnTheNet]

> Such code can (while the mere user cannot) do stuff like alter the internals of "read-only" system software, blow up the operating system internals or scribble all over the raw disk.

Who cares. OS stuff is easy to replace. The real problem is that it can also destroy any user data... just like every binary on Linux or Windows.

[smallstepforman]

I 100% agree with you. Who cares about protecting the OS (which can easily be restored), it’s my personal documents / pictures which are valuable. Sadly any rogue app (which runs in the “protected” systems) can destroy those “user access” documents. *nix/Win10/Mac doesnt protect against those apps.

[bzzzt]

The real problem is the OS is fundamentally compromised and your data is at risk of leaking. If you work with data covered by the GDPR that's a no go. Also, I'd not risk logging into my banks website on such an OS.

[Fnoord]

Not only that, it can also be used as a jumphost to other machines in your network.

[OldGoodNewBad]

So what you’re saying is, run Haiku on a Pentium 4?

[qubex]

I also used BeOS back in the mid nineties, first on an actual BeBox-133 and later on a dual PIII-450 PC. I still have bouts of nostalgia for that setup. The GUI and UX were extraordinary.

[Apocryphon]

Looks like it's still got a ways to go to be a true daily driver, especially in terms of a web browser, but it's certainly usable.

https://www.youtube.com/watch?v=eOeOfBl3mbI