Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

65% Positive

Analyzed from 944 words in the discussion.

Trending Topics

#kernel#openbsd#takes#virtualization#bsd#wrong#years#dumb#linux#torvalds

Discussion (33 Comments)Read Original on HackerNews

tptacekabout 1 hour ago
One of his dumber takes. Virtualization replaces an ultra-functional general-purpose kernel evolved over decades to support every conceivable application with a drastically smaller "kernel" (KVM and the userland hypervisor). It's a drastic attack surface reduction, and the empirical data bears that out: kernel LPEs aren't even newsworthy (there's whole repos full of unnamed, unremarked-upon LPEs), and KVM escapes are very rare.
xattt2 minutes ago
[delayed]
boricjabout 1 hour ago
Doesn't that message date back to a time that either predates or is almost concurrent with the introduction of x86 hardware-assisted virtualization? I wasn't around playing with VMs back then, but I'm not sure that the track record of x86 virtualization 20 years ago was that great.
tptacekabout 1 hour ago
It does, but that's an argument about implementations, and his comment is an argument about design. Just read it again and see if you think it's reasonable. Pay attention to the tone and (especially) the conclusory certainty he deploys.
SoftTalkerabout 1 hour ago
And since then, OpenBSD has developed its own VM subsystem vmm(4), vmd(8), vmctl(8).
ummonkabout 1 hour ago
How big is the OpenBSD kernel and userland actually compared to a virtualization layer?
naturalmovement26 minutes ago
If someone purposely dug up emails you wrote 19 years ago, I'm sure they'd find some of your "dumber takes" as well.

I'm not sure what the purpose of revisiting this is beyond provoking a flamewar on a slow Sunday.

bawolff6 minutes ago
Probably people are responding less to the dumbness of the take and more the arrogance of the tone combined with the dumbness of the take. Everyone has dumb takes, not everyone is an asshole while giving their dumb takes.

Regardless i do agree with you though, not sure what the point of digging up ancient skeletons is.

tptacek24 minutes ago
I mean, I agree there. We all have dumb takes! I hear roughly once a month about my old "I don't think Dual EC is a backdoor, it's too dumb and obvious for anyone to actually use it" take.
TZubiriabout 1 hour ago
I'm anti virtualization, but mostly due to the internal complexities of the guest applications being swept under the rug, it's undeniable that the host is protected and thus neighbouring guests (of course it is with almost 20 years of hindsight I can say this.)

That the hypervisor is effectively an operating system/kernel I have always held, and that it is a smaller and thus less vulnerable kernel is an appropriate explication I think. It's very hard to secure an all purpose kernel like Linux without actually building it yourself (and even then..)

Gualdrapoabout 2 hours ago
"Torvalds, via e-mail, says De Raadt is “difficult” and declined to comment further."

https://www.forbes.com/2005/06/16/linux-bsd-unix-cz_dl_0616t...

Imagine being so hard you're labelled as "difficult" by no other but Linus Torvalds

sidkshatriyaabout 1 hour ago
Thanks for sharing the forbes link. From the link:

"De Raadt says BSD could have become the world's most popular open source operating system, except that a lawsuit over BSD scared away developers, who went off to work on Linux and stayed there even after BSD was deemed legal."

There is some truth to that. And who knows where BSDs might have been if the lawsuit never happened.

However, I think Linux has always has and till today has better leadership, and management compared to OpenBSD.

I also think GPLv2 was another good that happened to Linux. It just creates an irresistible force to contribute back. With *BSD, a company might contribute back or it may not.

TylerEabout 2 hours ago
I mean, Torvalds has called basically every person on earth an asshole at some point, hasn’t he? He’s the opposite of being sparing with critisicism, and frankly has historically often used his bully pulpit to do it.
metoobruhabout 1 hour ago
I like Theo and the old Torvalds way better than I like most people. Too bad Torvalds allowed the Perpetually Offended Brigade to shame him into an apology tour. He did nothing wrong.
vlovich123about 1 hour ago
> A simple tool was presented, iofuzz, that exposes exploitable security flaws in most, if not all, virtual machines available today. To the knowledge of the author, no similar research has been conducted before. The results produced by crashme, a tool well known for over a decade, locating trivial flaws dem- onstrates this. No virtual machine tested was robust enough to withstand the testing procedure used, and multiple exploitable flaws were presented that could allow an attacker restricted to a vir- tualised environment to reliably escape onto the host system. The results obtained demonstrate the need for further research into virtualisation security and prove that virtualisa- tion is no security panacea.

https://taviso.decsystem.org/virtsec.pdf

He’s not wrong based on the research at the time. The mistake is presenting this as if it’s something that will be true for all time. Is virtualization a panacea? No. CPU manufacturers can’t even protect against side channel attacks. But it’s completely missing what this provides which is that the difficulty and cost of creating an exploit is higher today than 20 years ago. And it’s amusing to hear someone blasting away at the security of others when BSD has its own share of problems and architectural weaknesses are discovered through popularity of your system being an attack target, not because you’re smarter than everyone else and made better choices (sometimes it can be true in places, but harder to maintain for a big piece of software like an OS)

rustcleaner18 minutes ago
If OpenBSD pretended Qubes OS was a feature prototype/reference OS build and made a fork of OpenBSD to feature-match Qubes OS (calling it QuBSD or something), that would be great!
cptrootabout 2 hours ago
I would love to know how OP came across this email nearly 20 years after the fact
SoftTalkerabout 2 hours ago
It's one of Theo's more famous takedowns.
DonHopkinsabout 1 hour ago
My favorite Theologism:

    "My favorite part of the "many eyes" argument is how few bugs 
    were found by the two eyes of Eric (the originator of the 
    statement).  All the many eyes are apparently attached to a 
    lot of hands that type lots of words about many eyes, and 
    never actually audit code." -Theo de Raadt
https://en.wikipedia.org/wiki/Linus%27s_law
znpy28 minutes ago
I think de Raadt and OpenBSD are hugely overrated and some takes are as dumb as the one in the post.

OpenBSD is only secure because because it does pretty much nothing and does it very slowly (its firewall just recently broke the 4gbps firewalling capabilty, for example) but somehow a cult has formed around it ¯\_(ツ)_/¯

bawolff10 minutes ago
In fairness, minimizing surface area (doing nothing unless you need to) is security 101, so i hardly think that is a criticism.
oooyayabout 1 hour ago
Even very smart, very accomplished people can be very wrong. Xen is seeing a resurgence from Xen Orchestra and I've used it in my homelab. It's quite pleasant. I also, of course, use de Raadt's software as well.
estebankabout 1 hour ago
I think that everyone has the power to be wrong, but to be very wrong with convincing arguments, you must be smart.

A smart person can come up with post-hoc rationalizations that hold up under some scrutiny, to the point it is very hard to convince them otherwise. Add to that people who became famous or successful on the back of "being right" on some subject matter, getting used to "being right even in the face of overwhelming push back", and you have a recipe for very smart people being very wrong in very visible/loud ways.