
Playing around with the Fuchsia operating system - tapper
https://blog.quarkslab.com/playing-around-with-the-fuchsia-operating-system.html
======
RivieraKid
I'm more excited about the possibility of a high quality desktop OS rather
than the kernel. The Linux kernel is great but a great open-source desktop OS
doesn't exist today.

Specifically, this product doesn't exist today:

\- Desktop environment that matches or surpasses Mac OS in quality,
performance and UX design.

\- It includes seamless synchronization between devices.

\- Apps are sandboxed, similarly to Android or iOS.

\- There is a clearly defined platform / SDK, like in Android or iOS. If it
works in your development environment, it's guaranteed to work everywhere.

\- You can easily make a commercial product, like in Android or iOS.

\- It has 10% on the market (or software creators believe it's on the
trajectory to get there).

I don't understand why Google hasn't done this yet. Of course, the answer
could be that such project just doesn't have the required ROI.

~~~
moron4hire
You just described UWP apps on Windows 10.

Developers flat out rejected it _because_ of the smartphone-like sandboxing.

~~~
monadic2
Can you elaborate? What is UWP and why did devs not like it? All the critique
i see with a quick google comes from game devs.

~~~
vezycash
Developer push back first started with windows 8 with fears of lockdown.
Valve's CEO was the most vocal because it looked like MS's end game would be
to crush steam.

Microsoft didn't help matters with the 99 dollars developer fee - not high per
se but in an existing free for all operating, pushbacks would happen.

Microsoft basically said to use this shiny new crippled toy, you must use our
store and pay money.

Microsoft also fanned the fire when they announced that only one metro browser
was allowed. That is you could only use the metro browser of your default
desktop browser. Others would be disabled

For me as a user I hated/hate, UWP, metro and all it's incarnations because:

UWP apps are slower than regular apps. In the early days they crashed a lot.
They wasted desktop real estate with too much whitespace. Initially they were
not resizable like normal windows application. Oh... The hidden settings menu
sucked.

Microsoft also consistently undermined the new format by limiting UWP to the
latest operating system. Metro apps couldn't run on Windows 7. Most Universal
apps made for Windows 10 won't work on Windows 8.1 and lower. Some wouldn't
even work on some Windows 10 versions.

For developers, having to maintain multiple versions written with different
API's for "one operating system" is crazy.

UWP apps are basically unusable without mouse or touch screen. Almost all the
shortcuts we know and love don't work.

This flat UI nonsense that makes it difficult for users to detect the active
menu or even clickable items was started by Microsoft with windows 8. Google
and Apple take the credit cos Microsoft failed with mobile.

~~~
LudwigNagasena
So it has little to nothing to do with sandboxing.

~~~
philistine
If you believe in such a thing as a Windows way, then UWP was absolutely not
the Windows way of doing things. Windows developers, used to the Windows way,
had only one reasonable answer.

~~~
pjmlp
So they thought, hence why Project Reunion is making clear what was already
slowly happening since 2018, exposing UWP model in Win32, including
sandboxing.

In a couple of years every Win32 app will think it still owns the OS, while
they are actually playing on their little virtualized OS, using the same pico
process model as WSL.

------
cletus
Ah, Fuchsia... another of Google's solutions looking for a problem.

I remember hearing about it and immediately asking "what is the market for
this?" and not being satisfied with the answer.

On the one side you have Samsung, who are unhappy enough with their dependence
on Google that they'll not likely eat the cost of moving from Android to
something else that has no strategic benefit to them (as far as I could tell,
anyway).

So what does that leave? Google making its own devices. I don't know this to
be the case but I strongly suspect the intent was for the Pixel line was (and
may still be?) intended to be the spark for Google being a vertically
integrated first-party seller of mobile devices. What I mean is these aren't
just proof-of-concept or developer devices.

The problem there is by doing that they'll hurt their relationships with
Android OEMs and it'd take a long time to fill that void, if that's even
possible.

So where else? The obvious answer is... Chromecast. This is a hardware product
Google has had a good amount of success with. It's already first-party.

A recently leaked report [1] seems to indicate that the next Chromecast will
be Android TV. That is (IMHO) _bad_ news for Fuchsia.

You have to also take into account that during the time Fuchsia has been
around (which must be 4+ years by now?) there's been a change at the top with
Sundar replacing Larry. That's always a dangerous time for high-profile and
high-cost (literally $billions) projects with no customers. Sundar came from
Chrome. Fuchsia didn't. You have to ask questions about who was the original
(SVP+) cheerleader who got it off the ground and funded it? Was larry on
board? Is Sundar/ Does that sponsor enjoy the same support under Sundar that
they did under Larry?

I don't know the answer to these questions, just that they matter. marissa
Mayer's departure from Google was largely a product of a change at the top as
she enjoyed Eric's favour but all signs pointed to Larry not being as big as a
fan.

Fuchsia probably should've been called Graphene. Graphene can do everything
but leave the lab, after all.

[1]: [https://arstechnica.com/gadgets/2020/06/googles-leaked-tv-
do...](https://arstechnica.com/gadgets/2020/06/googles-leaked-tv-dongle-looks-
like-a-merger-of-android-tv-and-chromecast/)

~~~
apozem
Bloomberg, 2018:

> One person who has spoken to Fuchsia staff described the effort simply:
> "It’s a senior-engineer retention project."

[https://www.bloomberg.com/news/articles/2018-07-19/google-
te...](https://www.bloomberg.com/news/articles/2018-07-19/google-team-is-said-
to-plot-android-successor-draw-skepticism)

Fuchsia’s greatest value is letting senior devs solve fun puzzles without the
burden of shipping anything customers want.

~~~
earthboundkid
Traditionally, large money-making companies liked having big, obvious loss
areas, so that when the hard times come, they can just cut that and restore
the illusion of growth on Wall Street. It only buys you a couple of quarters
of fake growth, but for Wall Street, that's often enough.

~~~
nv-vn
People like to claim these things anecdotally but if you sit down for a few
minutes and think about it then it doesn't really make sense. By doing
something like that you'd sacrifice current growth, and since money today is
worth more than money in the future cutting dead weight now would be more
valuable to the shareholders (not to mention the fact that the losses
accumulate each year as cash being drained from your accounts).

The reality is probably that companies are making a bet on some far fetched
technology, so for example Fuschia or the developers behind it could lead to
something insanely profitable, but there's only a 20% chance. If you're in a
good year then the investment is worthwhile because the expected value is
still positive. If you're in a bad year you can't afford to wait for the
investment to pan out (not to mention your risk model goes totally out of
whack; if the market is doing poorly consumers won't shell out cash for this
new tech) so you have to cut costs in that area.

~~~
c3534l
Shareholders are not rational, and CEOs believe shareholders to be even more
irrational than they actually are. There's plenty of research showing that
CEOs do things they think looks good to investors, despite evidence to the
contrary. What happens to come to mind is research of FIFO v. LIFO inventory.
One understates income at the benefit of having a lower tax liability, and the
other overstates income to investors at the cost of paying more in taxes.
Statistically, investors punish CEOs for leaving tax cuts on the table for an
amount greater than the value of the supposed tax savings, while CEOs insist
the opposite is true and that investors are rewarding them for overstating
income. Managing your books is widespread and commonplace. People downsize,
hide liabilities, massage earnings, and do irrational things regardless of not
just long-term consequences, but often on the basis of perceived consequences.

In this particular case, though, you're probably right. Android itself was one
of those whacky ideas that no one expected to gain any traction. Google funds
moonshot projects as a matter of company culture and self-identity and it
seems to actually make them money. Of course, the possibility still exists to
cut them for short-term gain and I doubt no one factors that into their
equation at all.

------
kyaghmour
This debate about monolithic vs. micro-kernels has been had many times. Maybe
this time the resolution is different, who knows. But FWIW Linux didn't reach
its success because someone made a feature comparison between it and what else
was out there in a spreadsheet and somehow discovered how Linux was so much
better. Instead, Linux won (and continues to win) because it's the Rocky
Balboa of operating systems. It may loose the first round, but it always come
back. And the reason for that is that Linux's biggest feature isn't
necessarily technical. Rather, it's the community of people around it, the
fact that it can tolerate a healthy dose of disagreement and infighting before
eventually finding and settling on whatever best solution solves the next
immediate problem, not some far-into-future idealistic goal. The downside to
that development model is that radical changes take several iterations/years
while in a centrally-managed OS development model can be shoved in
"atomically" \-- ex: real-time, tracing, etc. You can devise many a great OSes
on paper and even implement them. Bootstrapping an entire ecosystem and,
effectively, institutionalize a completely open and nimble development model
such as that of the Linux kernel is a whole other story.

~~~
jfb
Keep in mind, too, that path dependence plays a huge role here. Linux took off
when the alternatives were Windows NT, Novell Netware, or commercial Unixes
running on underpowered RISC hardware.

~~~
p_l
Late 1990s,a huge amount of linux installs in the business happened because of
Samba and Apache

~~~
jfb
Right! It takes nothing away from the Linux developers to acknowledge the
enormous role of contingency in Linux' initial adoption.

------
harryf
Didn't see the article address power management in the context of things that
might be running idle in the background. That would seem to be to be a major
incentive for an OS that's going be used on mobile, which needs to respond to
changes in environment on the move (changing WLAN, network, beacons etc.)

Blackberry's QNX (
[https://en.wikipedia.org/wiki/QNX](https://en.wikipedia.org/wiki/QNX) ) is a
microkernel architecture and was designed with this in mind -
[https://www.qnx.com/developers/docs/6.3.0SP3/neutrino/sys_ar...](https://www.qnx.com/developers/docs/6.3.0SP3/neutrino/sys_arch/power.html)
...

> Traditional power management (PM) is aimed at conserving the power of
> computers that are usually left on. The general-purpose approach to PM for
> desktop PCs -- or even for "mobile" PCs, such as laptops -- doesn't take
> into account the specific demands of embedded systems, which can be off (or
> on standby) much of the time, yet must respond to external events in
> predictable ways.

I don't know if it's inherently more efficient to implement this type of thing
with a microkernel but given the iBeacons and similar effectively "failed" (
[https://venturebeat.com/2018/10/27/why-android-nearby-
ibeaco...](https://venturebeat.com/2018/10/27/why-android-nearby-ibeacons-and-
eddystone-failed-to-gain-traction/)) due to power and sensitivity, this could
be a big enough incentive to start a new OS

------
bsaul
I'm both very excited someone is taking a shot at trying something new on
kernel side. But i can't help wonder about what would a future look like where
90% of hardware run on a Google-owned operating system.

~~~
logicprog
Would that really ever happen? Microsoft - a company so dominant it got an
antitrust lawsuit - hasn't even been able to get 90% of the market share. No
operating system since the very early days of computing has.

Not only that, but other older operating systems are always going to have an
advantage here anyway: they'll have support, ecosystems, documentation, and
people with years of experience with them.

Google isn't even a monopoly in _search_ for heaven's sake! Only 87% of people
use Google Search. If they can't get a monopoly there - and you really can't
get a monopoly in almost any industry without government help - what makes you
think they can get a near-monopoly in operating systems?

~~~
ocdtrekkie
87% of the market is a monopoly by any legal definition.

~~~
mrep
A monopoly is the sole supplier of a product or service and the fact that bing
exists makes search not a monopoly. In the concept of antitrust, the United
States Department of Justice does not use that term directly and instead talks
about power and the Supreme Court has defined market power as "the ability to
raise prices above those that would be charged in a competitive market," and
monopoly power as "the power to control prices or exclude competition" [0].
Google does not posses monopoly power over search as they do not exclude you
from using bing, nor do they control prices (bing in fact sets a lower price
than Googles free in that they will pay you to use their search engine). They
do have market power though.

[0]: [https://www.justice.gov/atr/competition-and-monopoly-
single-...](https://www.justice.gov/atr/competition-and-monopoly-single-firm-
conduct-under-section-2-sherman-act-chapter-2)

~~~
asah
bing has under 3% marketshare vs 92.06% for google. As an advertiser or
app/publisher, google has "the power to control prices or exclude
competition."

[https://www.google.com/search?q=bing+market+share](https://www.google.com/search?q=bing+market+share)

~~~
mrep
From Section IV of the Justice Departments article:

The Supreme Court has noted the crucial role that defining the relevant market
plays in section 2 monopolization and attempt cases. The market-definition
requirement brings discipline and structure to the monopoly-power inquiry,
thereby reducing the risks and costs of error. The relevant product market in
a section 2 case, as elsewhere in antitrust, "is composed of products that
have reasonable interchangeability for the purposes for which they are
produced--price, use and qualities considered." Thus, the market is defined
with regard to demand substitution, which focuses on buyers' views of which
products are acceptable substitutes or alternatives.

For search advertising, they will likely find other forms of advertising such
as Facebook as a good enough substitute and thus the market definition will
include other forms of advertising and not just search. For app publishing,
you can publish your app for android yourself which Fortnite did.

iOS distribution on the other hand can probably be argued for that and in fact
they are getting sued for their "abusive monopoly in iOS app/in-app
distribution services" [0].

[0] (PDF): [https://www.hbsslaw.com/uploads/case_downloads/apple-
dev/201...](https://www.hbsslaw.com/uploads/case_downloads/apple-
dev/2019-06-04-complaint-apple-developers.pdf)

~~~
bsaul
"For search advertising, they will likely find other forms of advertising such
as Facebook as a good enough substitute and thus the market definition will
include other forms of advertising and not just search."

Nope, they won't. because 92% of people search the web on google.

~~~
logicprog
He just said that they could find other places online to advertise ("other
forms of advertising such as Facebook"), not that they could find other SEARCH
places.

Do companies really care whether it's on Google Search or some other place, as
long as they get eyes? And really, Google doesn't own 92% of the web, lol.

------
modeless
It seems such a waste to spend all the effort to write a whole new OS and all
these drivers with the same old buffer overflow bugs we've been fighting since
the dawn of time. It doesn't have to be this way anymore!

~~~
logicprog
Indeed. I wonder why they didn't go with Rust? They seem to be trying to make
the perfect architecture from scratch without worries about complexity or how
experimental it is or even how long it'll take, and yet they don't go with a
language that'll solve a whole other class of problems? Seems like an odd
choice.

Maybe they're just making use of the existing C++ talent pool at Google.

~~~
nicoburns
Lots of the userland pieces are in Rust. I don't think Rust gives you much
advantage for kernel code (esp. in a microkernel), because most of it is
unsafe anyway. And Rust has some missing pieces for this kind of code (for
example, using custom allocators on a per-data structure basis is still
difficult).

~~~
modeless
I've heard this kind of argument a lot and it's getting tiresome when we just
keep seeing the same old preventable bugs being a problem time and time again.
Yes, a kernel written in a safe language will still have security bugs. But it
would absolutely have a very large positive impact. And any problems with safe
languages can be worked around with a bit of imagination, especially with the
level of effort already required to write a whole OS with a large number of
hardware drivers.

~~~
naasking
Rust would help with drivers, not so much with the kernel itself. Drivers run
in user space in Fuschia, so you should be able to use any language you want.

~~~
tbodt
*Fuchsia

------
smallstepforman
Ex BeOS developers are the core team behind Fuchsia (Travis Geiselbrecht and
Brian Swetland). Travis wrote NewOS which was adapted to be the Haiku kernel
(and Travis still hangs around the Haiku IRC channels every now and then). I
wouldn't be suprised to see Haiku R2 transition to Fuchsia kernel since they
share the same DNA.

------
snarfy
The technical reasons for Fuchsia to exist are debatable. The real reason it
exists is because Linux is GPL.

~~~
cxr
If that were true, then Google could have picked BSD or Linux's progenitor
Minix, like Apple and Intel did, instead of starting from near-scratch.

~~~
aquabeagle
Google is king of NIH.

~~~
deathgrips
National Institute of Health?

~~~
ModernMech
Not invented here.

------
sk0g
I thought it was going to be some boring material UI screenshots, but this is
so much more interesting! Susceptible to the usual C bugs, albeit with minor
impact. I thought they were switching most of the kernel and drivers to Rust,
for some reason.

Edit: not a Rust fanboy by any means, hell, I've never even opened a Rust
file.

~~~
est31
> I thought they were switching most of the kernel and drivers to Rust, for
> some reason.

Note that zircon itself is not allowed to contain any Rust [0]. It's not
exactly specified what they mean by the kernel, but it seems that this
includes not just the microkernel but also everything that lives in the zircon
top level directory, which is enough to boot the system. tokei says there is
not a single line of Rust in that entire directory (but about 1 million lines
of C/C++).

[0]:
[https://fuchsia.googlesource.com/fuchsia/+/cb20372465f875ff4...](https://fuchsia.googlesource.com/fuchsia/+/cb20372465f875ff4fbf2a04f0951430207f7b7a/docs/contribute/governance/policy/programming_languages.md#languages-
rust-decision)

~~~
sk0g
I wonder what the ratio of C:C++ is. Sounds like they're using C as a
restricted C++ anyway, which is interesting.

~~~
yjftsjthsd-h
I know what it means to use C++ as a nicer C, but what does it mean to use C
as a restricted C++?

~~~
de_watcher
C as a restricted C++ could be probably something like GLib: a deeply object-
oriented library (nowadays C++ isn't about OOP at all though).

------
pier25
A couple of years ago it was believed that Fuchsia would replace Android and
ChromeOS. Then, IIRC, it was said in a Google IO that it was just some sort of
experiment to test new OS ideas.

What do you think is Google's masterplan for Fuchsia?

~~~
kenforthewin
Like most of their products, I don't think there is a master plan.

~~~
jrsj
At the very least I expect to see it used in "IoT" devices like Nest
thermostats and stuff like that. Whether it ever replaces ChromeOS or Android
is impossible to determine at this point though. Almost every attempt at
running Android apps on another platform for compatibility has been a failure.
Microsoft seems to have given up on it entirely.

~~~
sk0g
Wouldn't that be where Flutter could come in handy? If the same codebase cross
compiles to Android and Fuchsia (hell, even iOS), lack of apps won't be an
issue.

The Android team doesn't seem fond of Dart/ Flutter, but that's not
surprising. Who wants to voluntarily sign their death certificate, so to
speak?

~~~
pier25
I could be wrong, but I imagine at least some people in the Android team would
like a fresh start.

------
malkia
I can't get fuchsia to work anymore on my Acer device. It used to work just 10
days ago, hopefully gonna fixed soon :) -
[https://ci.chromium.org/p/fuchsia/builders/global.ci/worksta...](https://ci.chromium.org/p/fuchsia/builders/global.ci/workstation.x64-release/b8877947158353867984)?

(e.g. I'm compiling for --release workstation.x64 --with-base ... the kitchen-
sink)

------
ikeyany
I would love to see an interactive map of Zircon, similar to the one of the
(older) Linux kernel -
[https://makelinux.github.io/kernel/map/](https://makelinux.github.io/kernel/map/)

------
mlang23
Spooky. I predicted the double descriptor read bug before actually seeing the
code. I am not an expert, and I definitely haven't written my own USB stack.
Still, I wonder why the original code had this problem, given that this seems
to be the classical example of how to attack a USB stack. Somehow reminds me
what happened when Cisco started to ship a HTTP server with some switches. One
of the first bugs was a buffer overflow on URLs longer then 255 bytes ...

------
ThinkBeat
I fully welcome some more competiton on the operating system front.

I am sad to see WindowsNT, Linux and macOS be the only dominant operating
systems.

My personal very perhaps unpopular view is that Windows NT has a better
technial implentation than Linux.

Linux does most things well, form small devices to big iron. That is true now.

But when it started, it was as a learning experiment, and damn good one too.
An amazing achievement. A lot of work my haorsd of people have since built on
top of it, replaced things, epanded things, hardening things, adding drivers,
etc. And it has come a long way, but to me as an operating system, technically
it is not that inspiring.

I wish we had maybe 10 competitve opearing systems, some brand new off the
presses.

I have run Linux in one form or another since the first Yggdrasil release at
the end of 1992. (not very early).

It was amazing. Running it on my PC at home and it was faster than the
terminals at school (well all shared a few servers so always a lot going on, I
am sure if you had it all to yourself it would be faster. I guess that is why
some people spent the nights there is they had demanding tasks to run, but
htye were not a priority to get access to the better, newer and a lot more
dedicated hardware. (It was a complicated process).

I could do 90% of what was needed at home, woot.

I was very happy when I get my paws on the first WindowsNT release back in
1994 I think. I had preordered it.

I cold not wait to install it.

processor-independent, multiprocessing and multi-user operating system the end
of 1992.

After having suffered through the pain that was Widows that had a kinda sorts
maybe a little multitasking. Finally an improvement. OF course, a lot of my
software refused to run on it, or it refused to run it

The first Mac I had with macOS was also very cool, since then OpenBSD, I had
NextStep when they released it for Intel. Very cool.

Anyways I have been waiting since to get a new operating system that levels up
the game, as much as WindowsNT did for Windows 3.11, 95, 98, me.

I have not yet had that privilege.

I had good hopes for Plan9, QNX, a reimplementation fo BeOS that is still
ongoing. (I might have the wrong name on that one. I remember a demo I had at
the university of a BeBox with the BeOs and how well it multitasked what
backed then seemed like very CPU intensive graphics manipulation while playing
a video and some other stuff -at the time-... I never got a BeBox and havent
run its OS)

There have been, and are some solid research OSs but they have never made it
out into the real world.

WindowsNT, Linux and macOS cannot be all we are given. What replaces them?

Where is WindowsNTNT.

Will it take quantum computers to become the norm before we get it? Maybe
Linux already runs on that too.

(if quantum computers ever become viable or even a good fit for everyday
boring computer stuff).

Give me a new operating system, written from scratch, to implement every
secure feature it should have, harden it, eliminate even the possibility of
buffer overflows and assorted tasks, or create them so that the elements that
are exposed can fail gracefully and non-destructbily and not leak data or
allow inputting of data.

I forgot about Qubes OS, that is very interesting. Maybe that is it.

~~~
AnIdiotOnTheNet
The BeOS "reimplementation" is called Haiku. It is a pretty remarkably mature
project, though unfortunately not what I'm looking for in a new OS personally.

The reason we don't see new OSs is pretty simple: there is entirely too much
hardware you have to accommodate to be usable. There are klocs of actual
kernel code in Linux, and Mlocs of driver code.

~~~
Koshkin
I think the answer is to have device drivers implemented as part of device
firmware.

~~~
giantrobot
That becomes extremely problematic as a lot of devices anymore ship with bare
minimum firmware to turn themselves on and require the host to upload firmware
to actually work. The "drivers" on disk are then the modules required by the
OS and a big blob of firmware.

Other times devices are just a thin PHY interface and all of the work is done
in software inside the driver. There's nothing on the device to even run
onboard firmware.

So many devices _can 't_ store their own drivers for the host to use, let
alone store drivers for multiple operating systems.

~~~
Koshkin
So the idea is similar to the one at the base of (the original) OpenGL, i.e.
that of a _hardware_ API that can be used by any OS.

~~~
giantrobot
There's a bit of that already with USB device classes. A keyboard might have a
bunch of special features if it at least works with the USB HID keyboard class
it will have base level keyboard functionality.

For some things like HIDs this can be pretty workable. For more complicated
peripherals it is far more challenging if not impractical.

That's not to say device drivers should be an insane Wild West of
compatibility shims and edge cases but some blanket solution doesn't solve all
problems.

------
miohtama
Assuming most (not all) vulnerabilities are C-style use after free and buffer
overflows. If kernel were written in Rust these vulnerabilities would not be
issues? Meaning microkernels only make sense in C world. What am I missing?

~~~
yjftsjthsd-h
As you implicitly note yourself; even if "most ( _not all_ ) vulnerabilities
are C-style use after free and buffer overflows" \- well, if you reasonably
can do something to defend against the things that _aren 't_ memory issues,
then that will catch those. Also, even Rust lets you use "unsafe" code, and an
OS will probably contain some; even if it's minimal, even if it's reviewed,
you want any extra protections that you can get.

------
SV_BubbleTime
CTRL-F dart

No matches.

I wonder how many people can look past the kernel when discussing what this is
and how it’s different from Android?

------
6gvONxR4sf7o
Would an OS like this mean really really tough DRM?

------
li4ick
Greg Kroah-Hartman told me it's 40 times slower than Linux, at least that's
what he told me 1 year ago. Wonder how that's changed...

~~~
CyberDildonics
What does that even mean? What specifically was slower?

------
t43562
C++....microkernel....reminds me of Symbian. :-)

------
jcun4128
Hmm I was looking at this expecting GUI screenshots, but interesting non-the
less/beyond me my scope at this time but neat to read about.

------
wackget
"Fuchsia is a new operating system developed by Google"\- and I'm out.

