[Cryptography] Speculation considered harmful?

Nico Williams nico at cryptonector.com
Wed Jan 10 11:10:38 EST 2018


On Tue, Jan 09, 2018 at 03:44:35PM -0800, Bill Frantz wrote:
> On 1/9/18 at 11:42 AM, leichter at lrw.com (Jerry Leichter) wrote:
> >Capability-based systems are the ultimate development along these lines,
> >but represent a radical departure from current system designs.  Perhaps we
> >can get some of their power without giving up all compatibility with
> >existing code.
> 
> When we developed the S370 version of KeyKOS, a capability OS, we developed
> on a running KeyKOS system. We used IBM's CMS system -- a part of VM/370 --
> which ran using some code we wrote called a "CP Simulator". The CP Simulator
> was like a virtual machine monitor for a single virtual machine. It
> simulated the privileged CPU operations and provided I/O support, including
> simulated disks for CMS storage and access to real tape drives for backup
> and recovery.
> 
> When we talked with people about Unix compatibility, we always asked, "How
> compatible does it have to be." After a conversation, the answer was almost
> always, "Bug for bug compatible." If you are bug for bug compatible, it's
> hard to improve the security.

That's hardly changed.  And it's not just Unix.  It's all legacy.

Microsoft has had the same problem with Windows.  The Linux emulation
functionality in BSDs and Illumos has run into the same issue as well.

Your OS may be superior to the one you're emulating, but now you have to
emulate the very bugs your OS does not have by dint of being designed
better.

        (epoll, I'm looking at you, you awful ode to NIH)

Legacy represents enormous future costs, but it's also a measure of past
success.  No legacy, no success.  It can't even be avoided.

Nico
-- 