hngopher.com

       [HN Gopher] Haiku Monthly Activity Report - May 2021
       ___________________________________________________________________
        
       Haiku Monthly Activity Report - May 2021
        
       Author : bitigchi
       Score  : 78 points
       Date   : 2021-06-04 16:43 UTC (6 hours ago)
        
 (HTM) web link (www.haiku-os.org)
 (TXT) w3m dump (www.haiku-os.org)
        
       | OldGoodNewBad wrote:
       | I used BeOS as my main OS for something like two years back in
       | the day, and recently I tried out Haiku. It's quite stable and
       | has a modern browser, emacs, and our favorite compiler. It's also
       | so alien that I doubt there are exploits around for it.
        
         | Apocryphon wrote:
         | Looks like it's still got a ways to go to be a true daily
         | driver, especially in terms of a web browser, but it's
         | certainly usable.
         | 
         | https://www.youtube.com/watch?v=eOeOfBl3mbI
        
         | qubex wrote:
         | I also used BeOS back in the mid nineties, first on an actual
         | BeBox-133 and later on a dual PIII-450 PC. I still have bouts
         | of nostalgia for that setup. The GUI and UX were extraordinary.
        
         | tialaramex wrote:
         | It's scarcely necessary to "exploit" an operating system which
         | essentially lacks any security model. If you are code running
         | on Haiku, you have better than superuser privileges. Such code
         | can (while the mere user cannot) do stuff like alter the
         | internals of "read-only" system software, blow up the operating
         | system internals or scribble all over the raw disk.
         | 
         | Back in the day Haiku didn't do the hostname check in its TLS
         | code. Browser, command line tools, package updates, everything
         | just ignored hostnames - so it would have apparently secure
         | HTTPS fetches, but under the hood if you can interpose and hand
         | Haiku a certificate you got for say your personal blog from
         | Let's Encrypt, that checks out fine even though the name
         | doesn't match - so you could impersonate Haiku's update
         | servers. They did, after many years, fix that particular issue,
         | but lots of similar bugs remain, you're primarily hoping nobody
         | tries anything.
        
           | [deleted]
        
           | AnIdiotOnTheNet wrote:
           | > Such code can (while the mere user cannot) do stuff like
           | alter the internals of "read-only" system software, blow up
           | the operating system internals or scribble all over the raw
           | disk.
           | 
           | Who cares. OS stuff is easy to replace. The real problem is
           | that it can also destroy any user data... just like every
           | binary on Linux or Windows.
        
       | tombert wrote:
       | I still need to play with Haiku (or BeOS).
       | 
       | Much as I like POSIXey stuff, and am perfectly happy with macOS
       | or Linux, a part of me feels like POSIX is an example of the
       | "curse of the good enough". It's nice to see an open source non-
       | Unix getting a bit of love, even if it's still somewhat of a
       | niche audience right now.
        
         | bitigchi wrote:
         | Haiku is POSIX compatible, thus giving access to a wide
         | software library, while keeping it coherent on the UI-UX side.
         | Native applications are slowly coming through, though.
        
           | tombert wrote:
           | I actually didn't know that. Maybe I should boot Haiku onto
           | one of my secondary PCs and try playing with it.
        
             | bitigchi wrote:
             | If you run into any issues, please drop by the forums or
             | the IRC to get assistance.
        
       | Koshkin wrote:
       | Linux became popular within five years of its conception. What
       | future lies ahead for Haiku and similar projects? Are they
       | destined to remain forever little curiosities on the outside and
       | huge time sinks on the inside? I wish I could see otherwise, but
       | somehow I can't...
        
       | rgrieselhuber wrote:
       | Nice to see projects like this
        
       | Panino wrote:
       | Nice to see contribs from a variety of people, Haiku is
       | definitely not a one-person project. Lots of respect for their
       | community.
       | 
       | > The new font is Spleen, an open source monospace bitmap font
       | designed by Frederic Cambus.
       | 
       | Super cool! That's the default font in OpenBSD, created by an
       | OpenBSD dev.
       | 
       | > korli implemented stack protection support in Haiku (currently
       | disabled by default, configurable at compile time).
       | 
       | Security is an issue for Haiku so it's great to see progress
       | there. I wonder if Haiku could get pledge(2) and unveil(2) like
       | OpenBSD and SerenityOS?
        
       ___________________________________________________________________
       (page generated 2021-06-04 23:01 UTC)