The OS should be based on Rust (or another memory safe language), rather than *nix
50% of hacks/exploits/0days/CVEs are based on memory and buffer bugs
Rust prevents this at the compiler level. Linus has said that Linux will start incorporating more Rust into the OS to prevent these exploits (https://www.zdnet.com/article/linus-torvalds-rust-will-go-into-linux-6-1/)
There's a pre-prod Rust microkernel OS called Redox, made by the System76 team; it is a good template for how to build a Rust OS (https://www.redox-os.org/)
A "bitcoiner phone" should use Redox, or at least take some inspiration from Redox, to eliminate OS-level memory safety exploits.
I think Redox is super cool but I don't think it's anywhere near ready for mobile use. That'd require the following:
  • Hardware acceleration/drivers (most likely these will need to be ported from Linux like how the BSDs do, so they'd likely suffer from the same vulnerabilities)
  • More widely supported hardware platforms
  • More applications (ideally some sort of Linux emulation, I remember hearing about progress on this but I don't know if it's still under active development)
There's a pre-prod Rust microkernel OS called Redox, made by the System76 team; it is a good template for how to build a Rust OS
I don't think Redox is a System76 project? You might be thinking of System76's new DE, Cosmic
I agree Redox is nowhere near ready, but like I said, I think it's inspiration for what a memory-safe OS could look like.
Redox OS is not officially a System76 product; it is FOSS under the MIT License. The lead maintainer for Redox is Jeremy Soller, who is also the principal engineer for System76, and Redox OS recommends using System76 PCs for best compatibility.
Great answer. I'd be really into running an OS made with a microkernel with the majority of its code in a memory-safe language; sadly it seems like it would be a long way away.
Windows has also expressed interest in moving to a language like Rust throughout the OS; instead of a microkernel, they use a virtualization security approach by having Windows components run in their own virtualized environments. (https://learn.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-vbs)
There is another project (Xous) that does the same thing you described but is mobile and has a hardware device to boot. Really cool but still experimental: https://www.crowdsupply.com/sutajio-kosagi/precursor
Sadly it has no cellular network, so it isn't really a phone, and I believe it may be lacking in the hardware security department since it has no security modules, in order to be as open-source as possible. Worried it could be exploited like a Trezor would...
GrapheneOS also expressed interest in moving to a microkernel which runs Android on top via virtualization. https://twitter.com/GrapheneOS/status/1586793216413769729