Next gen Amiga

[Glen M]

Quote:

Originally Posted by Akira

Galahad, the OP, never posted again in here, probably realizing the can of worms he opened!

Go back fourteen pages and realize what this thread was actually about.
Hint: it was not yet another zealot fan fiction fantasy.

^that

[MigaTech]

Quote:

Originally Posted by Glen M

^that

Until the moderators state otherwise, these conversations can continue! Besides I do not think the OP is that bothered, he is just flattered his thread has become viral.

[meynaf]

This kind of thread always opens cans of worms. That's not new.

[meynaf]

Quote:

Originally Posted by MigaTech

Until the moderators state otherwise, these conversations can continue! Besides I do not think the OP is that bothered, he is just flattered his thread has become viral.

He's opened the thread, has sit down, and is now having popcorn watching the show. We mustn't deceive him

[Daedalus]

Quote:

Originally Posted by meynaf

A user unable to snapshot icons, partition drives, or install games, will certainly not go online with his miggy (and if he does, it will be on sites such as aminet).

That's quite the assumption. There are also many threads here and elsewhere from people trying to get their Amigas online without knowing anything about Amiga TCP stacks. Sure, they might only be on Aminet, or maybe check their email, but even in the past few years there have been (old) viruses found on Aminet downloads. And are we sure there aren't any exploitable flaws in the various FTP and IRC clients that are commonly recommended for users totally new to having their Amigas online?

Quote:

They are by definition network apps. On other platforms many other apps do something on the internet (often without the user knowing).

And? All that means is that it's a shorter list of applications to look for.

Quote:

Uploading memory can be done on other machines as well, even if it's just the browser's memory - which in turn contains more useful information than the miggy's memory, where you'll hardly, if ever, find something like a credit card number.

It all depends entirely on what you're doing, and anyway it was an example to illustrate the point.

Yeah, sure. But don't tell me i'm vulnerable to an attacker just for the mere reason i go online with my Amiga - as this is not true.[/quote]
that's not what I'm saying, as has already been pointed out, nobody targets Amigas so you're very safe.

Quote:

Nothing I wouldn't be able to recover with DiskSalv or some backup. Especially because only SYS: exists from your list on my system.

Yep, which is again why I make the point that you're not every user. Not finding something on your computer doesn't mean the platform as a whole is safe. From seeing many different Amigas over many years, I could easily compile a list of paths that would exist on a large number of machines.

Quote:

But whatever, there is no interest in deleting people's files anyway - resources spent for protecting against this kind of attack are just wasted to something highly unlikely and easy to fix.

And again, I see I need to explicitly explain the example that I though had obvious implications. Being able to delete a file also means being able to modify a file. It's not just deleting a file to give you a minor annoyance, it's about silently patching executables to run whatever code I wish to run. It's about reading your FTP passwords list. It's about reading your emails. Deleting files is just one obvious aspect.

Quote:

And so ? You've just discovered that I have a copy of clipboard.device in devs: - big deal.

Again, not the point. *sigh*

Quote:

Anyway we're too far here already.

Indeed.

Quote:

Scanning my HD means you were able to execute arbitrary code on my machine - which you just can't do.

That you know of.

Quote:

Not when i'm in.

And why do you when you're not in? After all, if people really want access, they'll get it.

Quote:

And you, do you expect your home's contents to defend itself when you're not there ?

I work on the idea that taking reasonable precautions greatly reduces the risk of a break in, while never being able to completely eliminate it.

[Gorf]

All systems with a browser are vulnerable - ALL.
Amigas - old or NG or Aros, are probably less of a target, but that does not make them safe.
Windows, macOS and even Linux are still not save, despite of memory protection, anti-virus software (which can be a backdoor itself) and other "security features".

The safest option today (from a technical point of view) would be OpenBSD on a RasPi, since the CPU is not operating in speculative mode and the OS is probably the hardest to crack.

The second best option is to use a virtual machine for your browser and a non-intel CPU.

And there we are again:
if you want security, stability, a clean system layout, easy and clean installs and deinstalls you need a bunch of virtual machines or containers. The OS running in such a VM does not need memory protection on its own.

That would be my vision for a post-NG AmigaOS.

And it would give you multi-core usage for "free".
Not only for if you use multiple apps or services but also a single program could use several instances of the OS:

All you need is a message passing mechanism provided by a library like MPI or nanomsg.
Your renderer or video-encoder would fire up a new instance of the OS for each core (or your system keeps empty instances in reserve) and start a new render task on each. Communication via message passing - data via virtual network or a slice of shared memory.

That is how all supercomputers round the world do it - they all use MPI.
It works and once you understand it, it is not hard to code for - have done it myself on Munich's SuperMUC.

[kolla]

The most easy attack back in the days was getting people on IRC to load slightly crafted AmIRC scripts.

[Thorham]

Quote:

Originally Posted by meynaf

Memory protection isn't impossible to add.

Adding memory protection to a single instance of the OS isn't, unless I'm mistaken.

Quote:

Originally Posted by meynaf

Just use the sandbox technique. You can already, as of today, run several Amiga programs in this way - just run several instances of uae.

That doesn't work on an Amiga.

Quote:

Originally Posted by meynaf

Also keep in mind that memory protection shouldn't be more than a debugging tool.

On the Amiga, perhaps, but only because you don't need the same security as on the peecee.

Quote:

Originally Posted by meynaf

Making the system tolerant to errors, makes these errors more frequent.

Only because of lazy developers.

Quote:

Originally Posted by meynaf

These have been invented to make peecees multitask properly.

Peecees multitask fine even with Windows XP on a Pentium 3. Multiple cores increase the amount of CPU time available and is useful. Try high quality 3D rendering with Blender, for example. While the GPU can do some things, you still need the CPU a lot for this (not so much for real time 3D). It's also useful in games (again, the GPU can't do everything).

Quote:

Originally Posted by meynaf

And what's wrong in being 32bit ?

In many cases, nothing.

Quote:

Originally Posted by meynaf

What do you need 64bit for ?

Large address space (things like huge games) and some algorithms.

Quote:

Originally Posted by meynaf

Me too. But i'll tell you a secret : all other OSes are worse.

No. AOS is VERY far behind the times. A new, written from scratch OS, could indeed be better than everything else, but as it stands, AOS isn't the best.

Quote:

Originally Posted by E-Penguin

Using the Amiga to surf the Internet in 2018 must be almost the definition of security by obscurity.

More like security through obsolescence.

Quote:

Originally Posted by MigaTech

my 4GB PC is always getting hit by the boll**ks on the internet!

No issues here with Windows 10.

[meynaf]

Quote:

Originally Posted by Daedalus

That's quite the assumption. There are also many threads here and elsewhere from people trying to get their Amigas online without knowing anything about Amiga TCP stacks. Sure, they might only be on Aminet, or maybe check their email, but even in the past few years there have been (old) viruses found on Aminet downloads. And are we sure there aren't any exploitable flaws in the various FTP and IRC clients that are commonly recommended for users totally new to having their Amigas online?

While we can't be sure there aren't any exploitable flaws, we can be sure there aren't many hackers looking for them.
And even if these people go online and catch some dirt (which is possible but unlikely), they can just switch their machine off and come here asking for advice on how to remove the malware.

Quote:

Originally Posted by Daedalus

And? All that means is that it's a shorter list of applications to look for.

No, that means there is a shorter list of possible flaws, a list you can not even be sure is not empty.

Quote:

Originally Posted by Daedalus

It all depends entirely on what you're doing, and anyway it was an example to illustrate the point.

Illustrate what ? You claim the Amiga isn't safe but can't provide an example that's reasonably likely to happen...

Quote:

Originally Posted by Daedalus

that's not what I'm saying, as has already been pointed out, nobody targets Amigas so you're very safe.

So what's your point ?

Quote:

Originally Posted by Daedalus

Yep, which is again why I make the point that you're not every user. Not finding something on your computer doesn't mean the platform as a whole is safe. From seeing many different Amigas over many years, I could easily compile a list of paths that would exist on a large number of machines.

Ok, let's admit you have such a list of paths that exist. Now what ? You still need to execute code to access that.
In addition, so-called secure systems will not prevent you from accessing what the current user can, so they're not safer. When code gets executed, it's too late.

Quote:

Originally Posted by Daedalus

And again, I see I need to explicitly explain the example that I though had obvious implications. Being able to delete a file also means being able to modify a file. It's not just deleting a file to give you a minor annoyance, it's about silently patching executables to run whatever code I wish to run. It's about reading your FTP passwords list. It's about reading your emails. Deleting files is just one obvious aspect.

Seems you're too much at the theoretical level.

Quote:

Originally Posted by Daedalus

Again, not the point. *sigh*

Sigh if you want, but then you have to be clearer about what your point exactly is.

Quote:

Originally Posted by Daedalus

That you know of.

There are ways to catch you red-handed. Processes, interrupts, HDD led, even HDD noise... You can't escape.

Quote:

Originally Posted by Daedalus

And why do you when you're not in? After all, if people really want access, they'll get it.

You've answered this yourself (with text in quote below).

Quote:

Originally Posted by Daedalus

I work on the idea that taking reasonable precautions greatly reduces the risk of a break in, while never being able to completely eliminate it.

So we just don't agree on what reasonable precautions are.

[meynaf]

Quote:

Originally Posted by Thorham

Adding memory protection to a single instance of the OS isn't, unless I'm mistaken.

I didn't say it doesn't require running several instances.

Quote:

Originally Posted by Thorham

That doesn't work on an Amiga.

Sorry, but AOS in a sandbox already exists on the Amiga and works fine. Just about every whdload'ed game using the OS works this way (guess why they need a kickstart file !).

Quote:

Originally Posted by Thorham

On the Amiga, perhaps, but only because you don't need the same security as on the peecee.

Memory protection by itself doesn't bring security.

Quote:

Originally Posted by Thorham

Only because of lazy developers.

They have reasons for becoming lazy.

Quote:

Originally Posted by Thorham

Peecees multitask fine even with Windows XP on a Pentium 3. Multiple cores increase the amount of CPU time available and is useful. Try high quality 3D rendering with Blender, for example. While the GPU can do some things, you still need the CPU a lot for this (not so much for real time 3D). It's also useful in games (again, the GPU can't do everything).

So we're a cpu hog now ?

Quote:

Originally Posted by Thorham

Large address space (things like huge games) and some algorithms.

Large address space ? So we're a memory hog too ?
Huge games ? They can just load some data here and there, like they always did.
Some algorithms ? Which ones ?

Quote:

Originally Posted by Thorham

No. AOS is VERY far behind the times. A new, written from scratch OS, could indeed be better than everything else, but as it stands, AOS isn't the best.

What is "far behind the times" ?
Is it "not containing all the garbage the others do" ?

[MigaTech]

When downloading on PC, I download file and scan for virus, then to FDD finally to Amiga from FDD.

I was thinking that you could download directly to FDD and then scan for virus before sending to Amiga. Would this not rule out any risk to computer?

By turning off cookies the surfing experience is worst, yet the security increases on your system. This isn't entirely true, is it?

Changing passwords and/or the name of your ISP router helps immensely.
There is no complete safe way to surf the internet, even if you use an internet café, in fact this could possibly be worst. Although I believe this is where most hackers hang out.


Meynaf and Daedalus are both correct in what they are stating, although both seen to be struggling with perplexing and obscure posting.

[Thorham]

Quote:

Originally Posted by meynaf

I didn't say it doesn't require running several instances.

And that's my point: A multiple instance based sandbox isn't memory protection, because it doesn't protect the OS and programs from bugs in other programs.

Quote:

Originally Posted by meynaf

Sorry, but AOS in a sandbox already exists on the Amiga and works fine. Just about every whdload'ed game using the OS

That's great for multitasking. It also doesn't protect the OS and programs. Anything can just wipe everything (unless the MMU is used).

Quote:

Originally Posted by meynaf

Memory protection by itself doesn't bring security.

Indeed, but without it, full security isn't possible. Not so important on 68k, but it would be nice to have non the less.

Quote:

Originally Posted by meynaf

They have reasons for becoming lazy.

Sure, but it isn't memory protection's fault.

Quote:

Originally Posted by meynaf

So we're a cpu hog now ?

Not an Amigas, but on AOS4 machines and peecees I wouldn't want to be stuck with a single core anymore.

Quote:

Originally Posted by meynaf

Large address space ? So we're a memory hog too ?

Again, not on Amigas, but why limit everything to 4GB? Because it's enough for everything? They said that about 640KB...

Quote:

Originally Posted by meynaf

Some algorithms ? Which ones ?

Ones that do large amounts of 64bit arithmetic. This is the same as asking what 32bit is good for when 16bit is enough. Why is 32bit the magic bit width anyway?

Quote:

Originally Posted by meynaf

What is "far behind the times" ?

Compare the OSs in terms of features (forgetting about the crap no one needs, of course). The only advantage of AOS, besides not being bloated, is the amount of control you have because of it's simple structure.

Quote:

Originally Posted by meynaf

Is it "not containing all the garbage the others do" ?

No, it's taking what is good about recent OSs and getting rid of what's not good about those OSs.

[indigolemon]

Quote:

Originally Posted by MigaTech

When downloading on PC, I download file and scan for virus, then to FDD finally to Amiga from FDD.

Will catch any PC virus lurking in said file, but not an Amiga virus.

Quote:

Originally Posted by MigaTech

I was thinking that you could download directly to FDD and then scan for virus before sending to Amiga. Would this not rule out any risk to computer?

Still a disk mounted on your PC, so no.

Quote:

Originally Posted by MigaTech

By turning off cookies the surfing experience is worst, yet the security increases on your system. This isn't entirely true, is it?

Turning off cookies doesn't really help tbh, other than breaking many useful sites. Just make sure you have an to date browser instead. Maybe look at a browser plugin like uBlock-origin too

Quote:

Originally Posted by MigaTech

Changing passwords and/or the name of your ISP router helps immensely.

Best to just get your own router tbh, then run an open firmware like DD-WRT or Open-WRT.

Quote:

Originally Posted by MigaTech

There is no complete safe way to surf the internet, even if you use an internet café, in fact this could possibly be worst. Although I believe this is where most hackers hang out.

lol - in movies maybe

[Gorf]

Quote:

Originally Posted by Thorham

Adding memory protection to a single instance of the OS isn't, unless I'm mistaken.

start using mmu.library.
AmigaOS can differentiate between private and public memory regions. You just need to declare them. the MMU can protect private regions.

Quote:

That (sandboxing) doesn't work on an Amiga.

It sure does! WHDload is doing it.
Starting UAE on an AmigaOS gives you even a virtual machine.

Quote:

On the Amiga, perhaps, but only because you don't need the same security as on the peecee.

if you need security use a sandbox/VM.
You need to do the same on a PC or Mac - Safari on a Mac runs sandboxed per default.

Quote:

Peecees multitask fine even with Windows XP on a Pentium 3. Multiple cores increase the amount of CPU time available and is useful.

spread your rendering task over several instances.
With support of a designated library this is not more effort for a coder than using threads on windows or linux.

Quote:

No. AOS is VERY far behind the times. A new, written from scratch OS, could indeed be better than everything else, but as it stands, AOS isn't the best.

you would just end up with a second Haiku or Syllable.
Or just with Fuchsia, which stands a good chance to become widely used.

I think many concepts and ideas of AmigaOS still stand even today und they could be transferred to a modern OS by skipping things like traditional memory protection via separated memory spaces and SMP and by going the "framework" route.

[MigaTech]

Quote:

Originally Posted by indigolemon

Will catch any PC virus lurking in said file, but not an Amiga virus.

So could be fairly secure as there are not too many Amiga viruses about, maybe?

Quote:

Originally Posted by indigolemon

Turning off cookies doesn't really help tbh, other than breaking many useful sites. Just make sure you have an to date browser instead. Maybe look at a browser plugin like uBlock-origin too

Browser is constantly offering updates, every other day which just goes to show how much of a problem this is on the internet, yet most do not realise.

Quote:

Originally Posted by indigolemon

Best to just get your own router tbh, then run an open firmware like DD-WRT or Open-WRT.

How is this possible with ISP codes IRQ addressing etc. It wouldn't access the ISP service unless you hack the settings on-line but then you lose the IPS router and have to hope it works using the replaced router.

Most users do not even change the name of the ISP router so you even know what provider they are using. Another advantage of changing the passwords is the fact that most ISP routers have the default PW printed on it!

What about using an Empty PC as Master to link router and then use PC's connected to that as slaves. then only the Master is at risk.

Do you think it is safer to use RJ45 connection rather than WiFi?

Quote:

Originally Posted by indigolemon

lol - in movies maybe

Yes I must admit I do get influenced by the Movies quite a lot.

[Gorf]

Quote:

Ones that do large amounts of 64bit arithmetic. This is the same as asking what 32bit is good for when 16bit is enough. Why is 32bit the magic bit width anyway?

And what about the algorithms that use a lot of 128bit arithmetic?

ist turned out, that 32bit is indeed a kind of sweet-spot: the precession is often enough and the pointers can directly address up to 4 Gig. Using 64-bit in your program mostly does not speed up things, but makes the binary larger and wastes memory bandwidth.
Thats why microsoft still compiles all its office tools still for 32bit and that is the version it will install on your PC if you do not especially download the 64bit version ...

but again: that is not really a big matter. AROS has full support for 64bit already.

[indigolemon]

Quote:

Originally Posted by MigaTech

How is this possible with ISP codes IRQ addressing etc. It wouldn't access the ISP service unless you hack the settings on-line but then you lose the IPS router and have to hope it works using the replaced router.

Not sure what you mean here, as long as any replacement router can handle the correct standards for comms (in my case VDSL fibre to the cabinet) you can use any router. I've never used the router Plus.net gave me, instead utilising a Linksys WRT1900ac for my comms at home.

As long as your ISP isn't being a dick and gives you the user/pass to log in to their network, you can use whatever you like.

[Thorham]

Quote:

Originally Posted by Gorf

AmigaOS can differentiate between private and public memory regions.

Which no one uses, so that will potentially break a lot of software.

Quote:

Originally Posted by Gorf

It sure does! WHDload is doing it.

Without memory protection software can still crash EVERYTHING.

Quote:

Originally Posted by Gorf

Starting UAE on an AmigaOS gives you even a virtual machine.

Not really an option for 68k.

Quote:

Originally Posted by Gorf

if you need security use a sandbox/VM.

It doesn't get rid of the fact that memory protection is necessary for real security, sand box or not, which is what this is about.

Quote:

Originally Posted by Gorf

spread your rendering task over several instances.

With support of a designated library this is not more effort for a coder than using threads on windows or linux.

I find the whole multiple OS instances nothing more than a hack, and it shows one of the reasons why AOS is behind (logical, it dates from before 1985, and was designed for an under clocked 8mhz 68000).

Quote:

Originally Posted by Gorf

you would just end up with a second Haiku or Syllable. Or just with Fuchsia, which stands a good chance to become widely used.

For me it's more about 68k. 68k can do better and be faster than AOS, and that would have to be designed and implemented from scratch, preferably in assembly language (not exactly a gargantuan task, but who'd use it?).

Quote:

Originally Posted by Gorf

I think many concepts and ideas of AmigaOS still stand even today und they could be transferred to a modern OS by skipping things like traditional memory protection via separated memory spaces and SMP and by going the "framework" route.

Why not design something from scratch to be REALLY better than everything else? Why does everything have to be based on 30+ year old legacy stuff? You see this with other CPUs and OSs as well. It's time for something new (Amiga hardware is a great retro platform, of course, so I'm not counting that).

[Gorf]

Quote:

And that's my point: A multiple instance based sandbox isn't memory protection, because it doesn't protect the OS and programs from bugs in other programs.

Of course it is memory protection: every instance would run in its own space - perfectly separated and protected from other instances.

In that case exec, other libraries and the program in such an instance become a unit.
If that unit becomes compromised you shut it down.
The rest of your system and all the other instanced are not affected.

the supervisor unit does not run any programs itself and never gets compromised.

The result is what matters for the user and the developer.

User: your system is stable - if a program fails you restart the sandbox. That looks and feels indistinguishable from starting a program today - double click the icon.

Developer: you run and debug your program in a sandbox, while the rest of the system is not affected by bugs and crashes. the sandbox can have a debug mode to provide additional information about what went wrong.

[Gorf]

Quote:

Originally Posted by Thorham

Which no one uses, so that will potentially break a lot of software.

No it would not really break things
but again: to be safe start your old apps in a sandbox.

Quote:

(UAE)Not really an option for 68k.

E-UAE exists for 68k Amigas.

Quote:

It doesn't get rid of the fact that memory protection is necessary for real security, sand box or not, which is what this is about.

I really don't get what you mean by "real security".
why should a sandbox not be secure?

Quote:

I find the whole multiple OS instances nothing more than a hack

you got the wrong impression here.
It is just a different way of doing things. A way that is getting more and more popular. Most servers in world make use of these techniques.
Over 4 billion smartphones run a hypervisor on L4 microkernel-basis to separate the frontend-OS (android) from the actual phone-software.
Users just don't know.

Quote:

For me it's more about 68k. 68k can do better and be faster than AOS

?
And ISA can do better than an OS?
A road can do better than a car?
Air can do better than a plane?

Quote:

, and that would have to be designed and implemented from scratch, preferably in assembly language (not exactly a gargantuan task, but who'd use it?).

Not sure how much that would improve things.
As soon as you start a program our OS does not interfere much. Your program can easily utilize 99.9% of your CPU power.

Quote:

Why not design something from scratch to be REALLY better than everything else?

could you describe/outline that a little bit more?
What do you have in mind?
(maybe our visions are not so different after all)