|
|
|
|
|
|
by blinkingled
5348 days ago
|
|
|
I would argue that real security requires a deeper approach like QubesOS takes - http://wiki.qubes-os.org/trac/wiki/SecurityGoals . Constraining and inconveniencing users for the sake of false sense of security doesn't feel like something that needs to be attempted in 2012. But to be fair - I think the hardware is only now starting to get fast and capable enough for doing security via virtualization. So up until now may be OS vendors did not really have the luxury of thinking along those lines but it doesn't hurt to start thinking now. Apple could really leapfrog if they worked with the hardware vendors to make Mac OS X something like QubesOS but much more usable. On top of it if they had a saner programming language that makes it darn near impossible to make security goof ups, real security still has a chance! |
|
|
Similar logic would allow the "we - implemented - the - kernel - in - a - type - safe - runtime - so - we - don't - even - need - to - switch - out - of - ring - zero" crowd to say Qubes was inadequate.