Most of the kernel code is in the drivers, the general purpose subsystems (VFS, I/O scheduler, task schedulers, memory management etc.) are a small fraction of those 25 million LOC and largely independent of each other so it is not that hard to build some understanding of them.
(understanding how the I/O and networking system calls work is quite helpful for application developers, even if you work in node.js, python or another high level language)
https://youtu.be/V1PcgtWAEnU : already been done. Americans are far behind the Dutch. What frustrates me is that everyone is making their version of the wheel in their corner instead of collaborating.
Right now, VC money should go to other things like AI, supply chain integrated into production, blockchain etc.
And they must have farmers as partners. Farmers completely distrust tech because we are not included. I gave up trying. It’s like we speak different languages but when tech is trying to create produce for MY domain,isn’t my participation and input necessary?
I am particularly bummed because I applied to YC twice and it always comes back to finding a tech partner. My tech is farming. I know stuff your roboticist or engineer can’t dream of because we live that nightmare of crop failure or machines failing all the time.
At this point, I think I am going to write stories like sci fi or fantasy and maybe someone will realize my vision(or not..who knows..maybe it’s not the right fit, but I will never know) after I am gone. I really enjoy coming up with theoretical solutions because at this point, that’s all I can do.
I would have discouraged Iron Ox from that idea. Who transplants one at a time when technology exists to do thousands at a time? Why? I can’t even wrap my mind around this.
I spent a couple years developing some software for doing text editing in a new way, not quite in any of the categories mentioned. The specific piece of hardware I was aiming to use at the time was the Microsoft Kinect—but the main goal was to develop software that would work for a variety of low precision and/or resolution input devices, where resolution refers to the number of input symbols made available by the device.
I partly just ended up reinventing the idea of a structured text editor, but did also build a new variation which I'd bet hints at a still worthwhile and largely unexplored direction (as a text editing UI concept). You can see a video here: http://symbolflux.com/projects/tiledtext (the most interesting part is at about 1:15 imo)
I'm unlikely to continue with that project exactly, but I still think we would gain a lot by figuring out better methods of making text editing efficient with low precision/resolution input devices. It would give us a lot more options for interacting with computers, from VR to mobile devices, to sitting on your couch with a projector, or maybe even a DDR dance pad kind of scheme—and I have reason to believe it could be made as fast or faster than contemporary methods (at least for writing computer programs—not natural language).
Those not designed for security were like that. Those designed for security had few of those problems. They just weren't popular with the big ecosystems and such since the demand side didn't care about security much. Very little security bolted onto something that was opposite at core. Common solutions were memory-safety for apps with validation on API calls, limiting of API's accessible, mandatory access control, and/or VM's isolating whole systems from apps needing protection.
OS's and browsers are not only becoming similar in functionality: they're similar in why people adopted them and why they're insecure.
"Saying browsers are "the largest attack surface" is an indication of ubiquity, not an indictment of the design or implementation of browsers"
It's actually saying both since browsers were mostly not designed for strong security or apply security engineering techniques of the time. That would be POLA, privilege separation, memory-safe languages, high-quality code in any components integrated, and so on. The first I saw attempt it was Chrome's Native Client imitating some benefits of OP Web Browser [that was designed for security] but weakening them for performance. Latter was Chrome's highest priority IIRC. There's Quantum moving memory-safe code into Firefox. However, browsers are mostly insecure architecture and code that just gets patched as problems are found. And they're ubiquitous. Music to malware authors' ears. :)
I'm including examples below of security-focused, browser architectures applying various methods of security at design and/or implementation stage so you have a mental point of comparison to current ones in terms of techniques employed. They were released as prototypes with nobody putting any effort in past that. So, high-assurance sector just isolated regular browsers in protection domains (eg VM's) on separation kernels or using MAC if browsers had to be there. Otherwise, native apps in memory-safe languages with regular old client-server architecture were much easier to make reliable and secure. Especially if using middleware designed to help with that. That's still true.
Years ago, in the 70's, we came across a bug where some program would skip every other input line. When asked to fix it, the responsible programmer went away and within a few minutes reported back that she fixed it. When we told her it was still broken she referred us to the updated documentation, which now said "the input should be double spaced". The said program was used this way for years after.
Some ways you can start:
- Here is start_kernel(), the kernel entry point after booting up and handling the lowest level stuff in asm: https://github.com/torvalds/linux/blob/v4.19/init/main.c#L53...
- grep for SYSCALL_DEFINE to find definitions of syscalls, e.g. this is open(): https://github.com/torvalds/linux/blob/v4.19/fs/open.c#L1076
(understanding how the I/O and networking system calls work is quite helpful for application developers, even if you work in node.js, python or another high level language)
- this is the struct that represents each process in the system, you can pick some interesting field and search for where it is used and where updated: https://github.com/torvalds/linux/blob/v4.19/include/linux/s...
Finally, the linux-insides book is pretty helpful: https://0xax.gitbooks.io/linux-insides/