> I remember seeing a linux firewall/gateway set up to run with just the kernel, without any userspace at all. Completely unhackable.
Do you remember any details that would let me search for it? Because that does sound cool, and even maybe useful; the thought has certainly crossed my mind that a router or VPN box doesn't really get a lot of use out of userspace... Although maybe it's worth keeping for control/configuration/debugging.
> To print some text or run a simple program, I believe DOS without a memory manager would be even faster.
Or just make your code boot directly. It's not hard to make a .efi, or use https://github.com/jart/cosmopolitan to make a binary that runs in many places including bare metal.
IIRC, it ran a script as init process that set up the network cards, set up iptables, etc. and then just exited. Kernel would panic (the "init was killed" panic), but the network would still be functional. Automatic reboot on panic was disabled.
To reconfigure, the admin would simply reset it and start the system with "init=/something/else" as kernel parameter that booted to a normal userspace.
Basically, even if your application _can_ run as the kernel, and it's desirable for it to run with kernel-level permissions, do you really want production to be a world without strace and iotop and the like?
That's a halted firewall setup. Normally as part of shutdown you would tear down networking in SysVinit or systemd but you don't actually have to do that. When shutting down you can choose whether to power off or just to halt. It's basically like the old Windows "It is now safe to power off your PC".
Wouldn't this be useful for embedded types of applications where you have a very specific task you want to do and you want to do it now.... like that firewall example?
To do something actually useful, the program would have to access some data: network, disk, some sensors, etc. Network alone means scanning PCIe for the network card and configuring it, disk access needs controller also on PCIe, then scanning the ports for the drive, reading partition table, mounting the partition, etc.
All that takes a lot more than 1s. The speedup might not even be significant compared to a kernel optimized for that system (all modules built-in, nothing redundant), but full-featured, plus busybox or sysvinit alone.
> I... fail to see the point of running just one process.
It makes sense if you got some legacy piece of hardware that has extremely limited resources, both in terms of RAM and storage. Write your code in Go and you don't even need libc any more.
I'm not the person that you replied to, but I have. I bought a FP3 and it's waiting in my drawer until the last 2G network goes down. I'm using my N86 until then.
I want/need a phone that I can answer with one hand without looking at the screen and can record phone calls automatically so I don't have to search for pen and paper all the time. No current phone is capable of these two things.
Basically any Android phone where you can gain root access is capable, you can set up automatic recording of every call and set answering call with a button (like Volume Up).
Don't know about FP3 specifically, but on some phones it's built-in in accessibility settings (all Samsung phones for example). For other phones you can try an app such as Button Mapper and assign "accept call" to a button.
I still have a MB with just a USB 1.1 controller. I would hate it if the USB stopped working after this fix. I think a config option for the delay would be best.
Why? The moment you touch the code you become responsible for it. Can't count how many times I fixed something on a goodwill and then became responsible for it.
The testers have the latest build, and have not reported any bugs. I don't even know if the project I am working on is even going to be funded after a few more months. I am just in this sort of limbo that really sucks.
I would try to learn some new tech. Definitely not something you can do in a vacuum with no goal for months in a corporate setting, but e.g. learning more about a programming language you already use, or some libraries, some tooling, you can easily spend a few weeks.
After that, yes it'd make sense to find something else.
1: If you want to protect user's privacy, you collect no personal information, so GDPR doesn't apply.
2: You do that.
3: Since your platform collects no private information, they get nothing from you. If they collect private information on their own, it's their job to comply with GDPR.
What you should do in case (3) is ask the user for permission to allow the 3rd party access to private data on their device. It's their choice (not yours) to allow it or not.
It's a constitutional fact. The most they can do is propose amendments to laws proposed by the Commission, but the Commission drives the whole process and isn't required to accept them (worst case, they just cancel the law and then try again later).
There is literally nobody you can vote for if you want to repeal the DMA.