My dreams coming true: OS kernels and security today

I have received response concerning my (complicated) grammar. Consequently, I try to compose simpler structures. :)

I started using computers at a young age, so I mostly played games at first. I didn't play much, though. One of my favourite games at the time was a real time strategy game (Dune2). I was amazed of the program. I always wondered how it works. That was the motivation behind my programming career.

It happens to me often that I want to improve things I dislike. I first wished Dune2 had a better interface and more intelligent units with a gameplay requiring less micro-management. A friend of mine demonstrated Total Annihilation for me some years later. It pretty much covered most improvements I wanted to make at that time.

I wanted to create a better operating system almost from day one. I always wished I had a more powerful OS shell than the one I had then (command.com at first, later DOS Navigator). I needed to design and compile my own small applications even for the most elementary tasks (like mass renaming). Thankfully, I was introduced to UNIX-based systems one day! :)

I wanted to implement a kernel since I first read a book on 386 protected mode (just like Linus) in primary school. I did write a simple protected mode register dump supporting interrupts, virtual mode and a basic system call interface, loaded by my own simple boot sector that had FAT12 file system support (all in assembly language). My aim was to test how fast you can boot from a floppy disk. In the end, it was able to boot in a click of the motor! Actually it's still not finished, because I wanted to write a smooth graphics demo that would show while reading the system files in the background, with again a boot time of a few seconds. Maybe I will finish it one day. All of these features are planned for a 386 of course! :-D However, today I see joining an existing project as a much more viable choice than starting from scratch.

I always wished if computers were more reliable (today: RBAC, ACL in UNIX, security policies in SELinux, capabilities in Coyotos, microkernel design in Minix) and more responsive (today: real-time systems, microkernels, nanokernels, pre-emptive monolithic ones). Kernel (and driver) reliability is still an issue as of today, so I might happen to join a research project in this area (like Minix?) someday.

There must exist a tamper-proof security token and privilege setting scheme. A tamper-proof entry dialog is needed with an attestation button and an indicator (OLPC?). A user must be able to set fine-grained privileges (SELinux, Systrace, ...). 0-install is also a great idea.

Comments

Popular posts from this blog

Tftp secret of TL-WR740N uncovered

Hidden TFTP of TP-Link routers

Haskell for embedded: C output, compilers, monads, Timber