Theo de Raadt explains why virtualization does not improve security. How about this: to improve security, you have to have a secure design; a marketing buzzword won’t do the trick. Anyone who has seriously looked at the current generation of x86 virtualization hardware knows that it does not provide clean separation or levels of security. It is possible, with great care, to use it in a way that improves some types of security, but mostly it seems like a way of justifying the use of SUV monster servers.
If you look at Xen code, for example, you can see that it copies huge chunks of Linux. The argument seems to be that if Linux does not have security and fails to efficiently allocate resources, Linux+ModifiedLinux will do a better job, somehow. There’s no reason to believe this will happen and many reasons to believe that it will, in fact, make security more elusive. That’s not to argue against virtualization as a useful technique either: our RTMS uses a type of virtualization and we have a lot of customers who love VMware, but the hype-ervisor is disconnected from reality. The delusion that making arbitrary divisions in software can reduce complexity is a persistent one, but it has no basis.
I’ve been meaning to write about DSO – WindRiver’s attempt to define synthetic “standards” (see the linuxdevices article for technical detail and a more serious approach). “Is DSO hype or substance?” asked Wind River CEO Ken Klein during the sponsored address, and sought to persuade the engineers in the audience that it is indeed substance and not just “marketing spin or renaming embedded systems with a three-letter acronym.” [cite: electronic news]
Klein is seeing what many of us see – the tools and design approaches that worked for little embedded systems don’t work anymore. But because you are now able to run Linux or BSD or Windows on an embedded system, you don’t need an invented “standard” set of components – you can use the actual standardized components that have been developed for enterprise and desktop computing. There is obviously room for new components, but Java and Apache and Libc and the usual databases and Linux/BSD network stacks and so on are all useful in embedded systems. Our approach from day one in RTLinux has been to avoid reinventing those components and just add real-time capabilities to working solutions.
The WindRiver booth at the Embedded Systems Conference in San Jose featured glowering faces waving fists that had “DSO” tattooed on them. Reminded me of “Night of the Hunter”: “The film’s slogan on a major poster proclaimed: ‘The wedding night, the anticipation, the kiss, the knife. BUT ABOVE ALL…THE SUSPENSE!’ The image showed actor Mitchum hugging a distressed Shelley Winters, with the L-O-V-E tattooed hand embracing her back, and the H-A-T-E tattooed hand grasping a knife.” (cite) So this must be some of that brand management that I keep hearing about, but it’s a little too sophisticated for an engineering type to follow. If you look at the DSO web-site things get even more involved as they introduce the hippie angle: “This is the Woodstock of DSO. And just as it was with that event, 10 years from now, everybody will claim to have been here.” (here). Goodness gracious. Where is Wavy Gravy when you need him? I dunno. I was at ESC and didn’t pick up much of a sense that things were really happening in the DSO pavilion (they had some comfortable chairs, I’ll grant that).
See also ValleyWag’s rude take (on the conference and DSO, not the movie).