Coffeehouse Thread

Should internet facing apps and parsing libs be written in managed code?

  • androidi

    http://www.microsoft.com/technet/security/bulletin/ms08-052.mspx

    I think it's reasonable to assume that for every hole reported to MS there are some that don't get reported. And even the automated updates take a while to happen sometimes. Maybe the next forum thread you click contains a sploit.gif/bmp, captures your cookies and login attempts, then vanishes on next boot without a trace? If MS is serious about security they should offer a managed browser that runs under the Singularity kernel, and then that combination runs as a seamless app on Windows. Now that doesn't do anything to stop trojans, but at least the industry could start to focus on how to deal with the trojan problem rather than looking for these same old types of holes.

  • AndyC

    You realise that a bug in GDI+ could potentially affect managed code apps too, right? Admittedly, it's probably a lot easier to patch than the myriad of apps shipping with a GDI+ dll as part of their install, but they are by no means immune.

    That's not to say I wouldn't approve of more internet-facing apps being migrated to managed code, as it reduces the potential for a significant number of other bugs.

  • matthews

    So you're saying backwards compatibility should just be thrown out wholesale? Who would buy an OS that can't run any of their applications?

  • androidi

    matthews said:

    So you're saying backwards compatibility should just be thrown out wholesale? Who would buy an OS that can't run any of their applications?

    That's not what I said; you didn't read the last part of the sentence. The Singularity kernel would run under or with Vista, similar to a virtual machine. Then you'd host and build new internet-facing apps under that and give them a seamless experience for the most common stuff, similar to VMs today, but under the hood it wouldn't rely on parts of legacy code so much. Then eventually, when all new apps were written under this new platform in 10-20 years, it might be more feasible to phase out all legacy code and move to running Windows under some evolution of the managed platform, or maybe they would run side by side within some hypervisor type of thing while being on the same desktop.

  • evildictaitor

    androidi said:

    matthews said:
    *snip*

    That's not what I said; you didn't read the last part of the sentence. The Singularity kernel would run under or with Vista, similar to a virtual machine. Then you'd host and build new internet-facing apps under that and give them a seamless experience for the most common stuff, similar to VMs today, but under the hood it wouldn't rely on parts of legacy code so much. Then eventually, when all new apps were written under this new platform in 10-20 years, it might be more feasible to phase out all legacy code and move to running Windows under some evolution of the managed platform, or maybe they would run side by side within some hypervisor type of thing while being on the same desktop.

    It would be massive overkill to do such a thing.

    It makes much more sense for the Operating System to provide some mechanism whereby an application can ask to be locked down so that all of its calls for things like fopen (outside of a few restricted directories) etc. are rejected and it can't launch new processes.

    By doing such a thing, IE could request that it be "locked down" before starting up any of its Internet-related activities, and then any hijack, no matter how successful, would only be able to corrupt IE. In order to get data it would be limited to either
    a) getting data that IE is allowed to get anyway (e.g. cookies etc)
    b) additionally defeating the operating system imposed restrictions

    This isn't much different to having the Singularity kernel running on the system, where a successful exploit (and it's always possible) would either be able to access:
    a) All of the data available to IE (e.g. cookies etc)
    b) additionally defeating the virtual machine

    The difference being that under your system the IE team would become compelled to convert all code not just to managed code, but to code that interacts with a new operating system, and would incur the dual performance penalty of managed code and of virtualization.
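
An added example, not part of the original thread or any poster's code: a small Python model of the lock-down policy described in the last post (file opens confined to a few directories, no new processes, and no way to widen the policy once it is requested). The `Lockdown` class and its method names are hypothetical, and a real mechanism would enforce these checks in the operating system rather than in the application.

```python
import os
import tempfile

class Lockdown:
    """Model of the OS-side policy (hypothetical API, not a real OS interface)."""

    def __init__(self, allowed_dirs):
        # Canonicalise once so every later comparison uses resolved paths.
        self._allowed = [os.path.realpath(d) for d in allowed_dirs]
        self._locked = False

    def lock(self):
        # One-way switch: nothing in this class ever clears it.
        self._locked = True

    def allow_dir(self, path):
        if self._locked:
            raise PermissionError("policy is sealed, cannot add " + path)
        self._allowed.append(os.path.realpath(path))

    def may_open(self, path):
        if not self._locked:
            return True
        real = os.path.realpath(path)  # collapses "..", follows symlinks
        # commonpath compares whole components, so an allowed /x/cache
        # does not also admit /x/cache-evil the way startswith() would.
        return any(os.path.commonpath([base, real]) == base for base in self._allowed)

    def may_spawn(self):
        return not self._locked

def demo():
    """Build a constructed directory layout and return each decision."""
    root = os.path.realpath(tempfile.mkdtemp())
    cache = os.path.join(root, "cache")
    evil = os.path.join(root, "cache-evil")
    os.mkdir(cache)
    os.mkdir(evil)
    os.symlink(evil, os.path.join(cache, "link"))  # symlink leading out of the sandbox
    policy = Lockdown([cache])
    policy.lock()
    return {
        "inside": policy.may_open(os.path.join(cache, "cookies.dat")),
        "traversal": policy.may_open(os.path.join(cache, "..", "secret.txt")),
        "prefix": policy.may_open(os.path.join(evil, "x")),
        "symlink": policy.may_open(os.path.join(cache, "link", "x")),
        "spawn": policy.may_spawn(),
    }

if __name__ == "__main__":
    print(demo())
```

Only the request that resolves inside the allowed directory is granted, which matches case (a) in the post: a hijacked process keeps whatever the policy already lets it read.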
