[gz09]

> It's pretty clear that the security models that were design into operating systems never truly considered networked systems

Andrew Tanenbaum developed the Amoeba operating system with those requirements in mind almost 40 years ago. There were plenty of others that did propose similar systems in the systems research community. It's not that we don't know how to do it just that the OS's that became mainstream didn't want to/need to/consider those requirements necessary/<insert any other potential reason I forgot>.

[jacquesm]

Yes, Tanenbaum was right. But it is a hard sell, even today, people just don't seem to get it.

Bluntly: if it isn't secure and correct it shouldn't be used. But companies seem to prefer insecure, incorrect but fast software because they are in competition with other parties and the ones that want to do things right get killed in the market.

[germinalphrase]

Are there other obvious tradeoffs, in addition to speed, to these more secure OS systems vs status quo?

[jacquesm]

Yes, money. Making good software is very expensive.

[bigfatkitten]

And developer experience.

Developers will militate against anything that they perceive to make their life difficult, eg anything that stops them blindly running ‘npm get’ and running arbitary code off the internet.

[anonzzzies]

Well yeah, we had to fix some LLM that broke things at a client; we asked why they didn't sandbox it or whatever and the devs said they tried to use nsjail; could not get their software to work with it, gave up and just let it rip without any constraints because the project had to go live.