however, after living in Florida for 40+ years when I see cockroaches running across the floor I know one of 3 things:
So when I see Linus and the Linux kernel community talk about many millions of LOC in a given revision as a badge of honor I see it as an attack vector. Unlike commercial OS development where you have to identify an exploit in the distributed OS or get hired by the company and then insert your own… with the open source kernels anything is possible. I’m not sure that the patching process is that secure; death by a thousand cuts.
Consider the 51% problem in crypto currency.
As a follow up to that… the Android Kernel team and now the Linux kernel team are accepting kernel features written in MDN’s rust-lang becasuse research is suggesting that modern vulnerabilities are language based.
And finally there is that university research team that intentionally inserted vulnerabilities into the kernel.
My OpenBSD dedicated NUC is for testing vmm/vmd and orchestration on a dedicated OpenBSD environment.
My VMware system has 8-10 server guests and 2 desktops which I can access from my browser. I could and have benefited from many of the same organization, in the bast, on my MAC laptops with lots of RAM, however, the host was far less stable. VMware’s host is reasonable stable since they’ve isolated it from the guest and the related attack plane. But it is or was forked linux.
One of my greatest fears is traveling and having my computer crash. With any Mac, PC, etc… a failure can turn into many hours of recovery if it’s even possible. Bootstraping a restore is even more challenging. The least amount of friction is buying a chrome device and benefiing from a google sync.
Yesterday I went looking for a modern laptop that I could install OpenBSD on, however, modern laptop pricing is awkward. The manufacturers are trying to compare apples and oranges and it simply does not work for me. Desktops and NUC are cheaper than ever but as soon as you try to configure it as a laptop pricing goes thru the roof.
“The Network is the Computer” - Joy
As much as I want a Lenovo running OpenBSD I cannot help feeling like my capability could crash. ChromeOS does limit some of the capabilities but they are safer too. And let’s face it there isn’t much benefit from native apps these days.