> IMHO Fuchsia will be a massive (real world) improvement over Linux in security.
Exploits in the Linux kernel are very few & far between. How would Fuchsia represent a massive (real world) improvement in Linux over something that basically doesn't happen?
By contrast for the Windows 9x -> NT kernel transition, the 9x kernel (in Windows ME at the time) had rampant worm issues and was notoriously unstable in very significant & practical ways, like plugging in USB devices would trigger BSODs with some regularity.
These days the majority of kernels (Windows, Mac, and Linux) have vanishingly few exploits and are for the most part extremely stable. There's not much to improve on at this level.
> For the past 12 months, I've been running Chrome "on Wayland" (without XWayland in between) and although it is definitely usable, there are many small bugs some of which has existed the entire 12 months.
Note that neither ChromeOS nor Android use Wayland or X11. That compositor fight that desktop Linux can't move on from isn't something that plagues anybody else, so there's nothing for Fuchsia to "fix" there.
> Exploits in the Linux kernel are very few & far between.
That's an interesting take on multiple code execution bugs per year. And not via drivers, but userland-exploitable code in general subsystems.
Unless you're referring to remote code execution, which in the era of ubiquitous web applications (often running involuntarily through advertisements, etc) seems like a distinction without a difference.
Drivers are the commercial case for Fuschia. But in general, microkernels make it much easier to 1) implement privilege isolation for subsystems and 2) implement subsystems in a more secure manner, both of which absolutely improve security posture. A subsystem is just another type of driver. Though, it depends on how well Zircon makes use of this--i.e. avoids implementing all the most critical subsystems in the same process, or otherwise abuses too much unprotected memory sharing among them.
> 1) implement privilege isolation for subsystems and 2) implement subsystems in a more secure manner, both of which absolutely improve security posture.
Sure, but Android already has that via a user per application for app sandboxing & a very extensive selinux policy set[1]. Which makes the real-world benefit of that seemingly very negligible. There's a huge gap between desktop Linux & Fuschia/Zircon here, but there doesn't seem to be a particularly big gap between Fuschia/Zircon & Android Linux.
Sure but even still exploits in kernel modules are also extremely rare. The vast majority of exploits are in getting userspace to do something it has permission to do but in a way that it didn't want to do it. Sandboxing & permission systems help here tremendously, which Android already has a pretty robust & extensive system (not just the normal app permissions, but also a massive set of selinux policies controlling what a given system service can do).
Desktop Linux is pretty far behind the curve at this point, but Android/iOS aren't (and increasingly MacOS/Windows are fixing things up)
Fuchsia seems like it'd be an incremental improvement here at best, and "real world" improvements even less clear than that.
Exploits in the Linux kernel are very few & far between. How would Fuchsia represent a massive (real world) improvement in Linux over something that basically doesn't happen?
By contrast for the Windows 9x -> NT kernel transition, the 9x kernel (in Windows ME at the time) had rampant worm issues and was notoriously unstable in very significant & practical ways, like plugging in USB devices would trigger BSODs with some regularity.
These days the majority of kernels (Windows, Mac, and Linux) have vanishingly few exploits and are for the most part extremely stable. There's not much to improve on at this level.
> For the past 12 months, I've been running Chrome "on Wayland" (without XWayland in between) and although it is definitely usable, there are many small bugs some of which has existed the entire 12 months.
Note that neither ChromeOS nor Android use Wayland or X11. That compositor fight that desktop Linux can't move on from isn't something that plagues anybody else, so there's nothing for Fuchsia to "fix" there.