Hacker News
by monocasa 1611 days ago
It's too bad that 286-style 16-bit protected mode (and the iAPX 432 before it) was so shit on at the time. We had the potential to have these concepts be ubiquitous, but collectively dismissed the protection mechanisms as intrinsically too slow.

It feels like from the outside that there was a decent-sized faction at Intel in the 80s to give us a hardware object capability system, but they ended up losing the political battle, and by the time of AMD designing long mode, the last remnants were swept away.

I wish the 386's 32-bit protected mode had been structured as GDT entries that had a bit to optionally point to page tables rather than just having base addresses into a global page table. It would have encouraged these techniques in commodity systems 30 years ago.

Hell, we might not even have had Spectre and at least would have had better tools to address it if we had that plus rings 1 & 2 still useable. The user and kernel space would have had the ability to describe untrusted data to the MMU. It feels like we're just pretending that NetSpectre isn't a thing and somehow Spectre is only an issue with untrusted code.