[Note: This is the first in a series of “chapters”. I’ll be revising as I see errors and in response to comments. As usual, this material is copyright Victor Yodaiken and rights are given to make, but not sell, verbatim
Security cannot be improved by waving flags
Via Schneier comes a story about the US Navy and a disgruntled contractor who just plead guilty: He confessed to programming malicious software codes into computers that track Navy submarines in May 2006 while in Naples. He told Navy investigators
Enterprise operating systems
Can anyone name a single feature of “enterprise†operating systems available today that was not already working in VMS or Solaris or SGI’s system 10 or more years ago? Multi-processor support – practically prehistoric. Here’s a wise observation: â€Since the
Difference between theory and practice in security and reliability.
Theory of how F-22 Fighter software is going to be made bulletproof. Practice. Update: More practice (noted by Ben_k on Bruce Schneier’s weblog). Update2: See this paper and this one.
Operating system interfaces are what you bump into…
Operating system interfaces are what you bump into when you are trying to do your work. There is no need for workaday users to see an operating system interface at all; the current OS interface is bureaucratic bloat, an unnecessary
Security notes
David Elliot Bell has an interesting essay on the US government and software security – little “inside baseball”, but informative. He cites my critique of MILS. One of Bell’s points, which is briefly mentioned in my note, is that composition
Talmudic codes
My knowledge of Talmud is, to be generous, zilch, but consider the format and style of Talmud. This is what you get when each commentator takes the arguments of colleagues and predecessors seriously. In the center a discussion between one
Adding value to Windows
Andy Bechtolscheim says: It’s really hard to add value to Windows. Whatever you add, Microsoft is going to take away from you. Linux has opportunities. There are many ways to add value. There are lots of things Sun customers expect
Plagiarism watch
Thanks to google code watch I see that an open source real-time Linux project has reached new heights of originality – changing the magic number that they copied from RTLinux 10 years ago to a new number. The constant definition
The Embedded Enterprise, Pruit-Igoe, Ayn-Rand, the telecommunications stack and why software does not suck
Programmers will readily tell you that “Windows sucks” or “Linux sucks” or “POSIX sucks” why this or that software is badly designed, bloated, slow, buggy, un-needed, ugly, and generally disgusting. But, Windows is actually an immensely useful and sophisticated program