Context: https://www.youtube.com/watch?v=QKzRf8B-oDk
Would it be possible to run mpv and a browser directly on hardware somehow? Perhaps in an environment that doesn’t classify as an operating system according to the definition in those California codes?
I know that an operating system distributes workloads and facilitates communication between various hardware components, but would it be possible to build a Linux kernel that is “only” an interface to the CPU, a GPU, a sound card and a keyboard? One that can take commands to run for instance a browser[1] and mpv? Having the user manually - through commands of physical switches - handle the inter component communication? Or perhaps by being a kernel it already falls under the definition of an OS?
I’m just spitballing here. Barely know what I’m talking about, so please enlighten me! :D
Nowadays, a browser feels like a container that can run most things a physical computer would: stream media, serve as a word processor, play simple games, what have you. ↩︎
You must log in or # to comment.
That’s a “kiosk” setup. Still a OS.
If you are concerned about the new California law it is important to point out that the California law only applies to Operating Systems vendors and providers. It does not apply to end users.
For example, if you obtain a copy of a Canadian linux distro and install and use it on your computer in California, you aren’t breaking any law.
There is no hard definition within the laws so this is all speculation. This means that there is no technical answer because the question in is core is a legal one.
Your TV for example can have a browser without problems.
You can have an integrated board that runs a full Linux without you being able to touch the underlying OS and let that start a browser, too. You know those tv screens that show you traffic into it flight plans at the airport? Those are often full Linux computers set up exactly like that.
In short: we’ll only know when the law is actually being tested. It’s written in a way that I as layman could talk and software and even most hardware into it’s definition, it’s absolute bullshit…
No and honestly I don’t think it matters. Set the age of your OS to 18 (assuming you are 18) and move on. What’s the issue?
That being said if you are really interested in the topic and use this as an “excuse” to learn check out https://jsandler18.github.io/ and don’t worry if you don’t have an RPi to run it, you can use QEMU. After that you can dig into https://wiki.osdev.org/ really a fascinating journey.
What you’re talking about would be called running a browser on “bare metal.” The OS is typically on charge of resource management between the various tasks. Access to the processor, storage, screen, input devices, sound, network. The os is a layer that mediates these devices. On bare metal you have to do ALL of that.
I’ve seen some interest in bare metal web servers in the past which some believe to be more secure. But I don’t think I’ve seen browsers on bare metal. There’s so much browsers need to do anymore. But anyways, bare metal would be the search terms you want to start using.
Edit: “bare metal” seems to have a newer usage for servers, so the papers I found were calling it “Bare PC.” Example: https://doi.org/10.1109/HPCC.2009.34
The os is a layer that mediates these devices.
The OS doesn’t just mediate the devices, it also provides a consistent interface for software to talk to the hardware. E.g. software doesn’t care if you’re using a USB or PS/2 keyboard, the operating system handles that.
I’ve seen some interest in bare metal web servers
Usually in the context of servers, bare metal means it’s not running in a VM, and you are dedicated to the hardware. E.g. one server may otherwise be running multiple customers all isolated from each other using VMs, with bare metal servers you are the only customer using the hardware. They’re supposedly more secure as there isn’t another customer that could use some VM escape vulnerability and read your data. It’s nothing to do with whether you are running an OS or not (although no OS is very not practical on production servers).
That’s a good point about what the OS provides. I come from an embedded context, so often RTOS are not much more than a kernel that’s handling some basic threads and processor access. There was a really interesting talk at USENIX a few years ago (Usenix 21 keynote with Timothy Roscoe, I just looked it up) that was basically saying that a modern OS like linux, isn’t even accessing hardware and is just an OS in a system of OSs on a computer.
So you are not wrong about what you are calling bare metal, but that usage is more popular at the moment, but the older meaning of bare metal actually just means “no OS.” It’s still very common in embedded world. They are the same words, but do have different meanings.
I cannot find it at the moment, but about 10 years ago I had found a guy at Tufts (I think) who was publishing about actual bare metal (no os) single process machines that would run a server with nothing else. It was supposed to be helpful for security reasons. It was definitely whacky. I cannot find it because the server-farm usage of bare metal has taken over :(
[Bare-Metal (redirect on wiki)[ https://en.wikipedia.org/wiki/Bare_metal ]
I do now see that “bare metal server” is not going to be the right search term. Perhaps bare metal computing? I’m not sure. But what I am talking about pre-dates virtualization.
Edit: For servers, it seems the papers are calling it “Bare PC” Example: https://doi.org/10.1109/HPCC.2009.34
There was a really interesting talk at USENIX a few years ago (Usenix 21 keynote with Timothy Roscoe
Thanks for this!
So you are not wrong about what you are calling bare metal, but that usage is more popular at the moment, but the older meaning of bare metal actually just means “no OS.” It’s still very common in embedded world.
Oh yeah I’m aware and I wasn’t disputing you, I just wanted to point out that in the context of servers that definition is quite ambiguous. But I did know what you meant.
For servers, it seems the papers are calling it “Bare PC” Example: https://doi.org/10.1109/HPCC.2009.34
This was also quite interesting and I’m actually surprised IIS did as well as it did. I’m actually looking for thesis ideas so I’ll add this to my list and potentially see how much things have changed 17 years later.
The definition of OS in those laws is ridiculously broad, you can safely assume that whatever you intend to make would fall under it.
Theoretically you could create an appliance with just a Linux kernel, Cage and Firefox (plus dependencies) and boot that with
init=/bin/cage firefox. This is how most information and advertisement displays and other kiosk systems (think of stuff like the McDonalds order machines) are made.It would be difficult to argue that this isn’t an operating system though, because typical definitions are very broad. In particular, you will always need “a program that manages a computer’s resources”, and you also need “the allocation of those resources among other programs” because websites are programs (in reality a browsers will liberally fork itself to take advantage of kernel process isolation, but even if it didn’t the in-process threads would still qualify).
Vendors of kiosk systems probably have better chances arguing that their devices aren’t general purpose than that they don’t use an operating system. However if your “kiosk” system is advertising on the basis that you can do general purpose computing within a browser then your chances of arguing that you’re somehow not selling a “general purpose computing device” aren’t going to be very good.
Thank you for a very insightful comment, touching on both technical and semantic aspects. For the uninitiated, perhaps the technical aspects of a computer are not as important as the user experience. Of course, legislators are getting more and more technically knowledgeable so trying to rebel against OS age verification by simply cosmetically making a computer different from your typical desktop like systems might not suffice…
Nevertheless, I did not know about Cage! At least now I know how the hacks make those IoT control panels with their SBCs! Perhaps I’ll set up something cool in my living room like… A weather forecast screen? The stock market? Live GPU prices? :D
Of course, legislators are getting more and more technically knowledgeable so trying to rebel against OS age verification by simply cosmetically making a computer different from your typical desktop like systems might not suffice…
I’m admittedly not especially familiar with how law is practiced in the US but in my opinion trying to skirt the letter of the law while blatantly violating its intention is usually a bad idea. The more you piss off prosecutors and judges the more effort they will put into finding something to prosecute you over, and it also makes them more likely to push for the harshest fines/convictions that are legally possible.
Of course unfortunately a lot of the time the law is just bullshit, and this particular bill appears to have at least a few issues, but still…
Nevertheless, I did not know about Cage! At least now I know how the hacks make those IoT control panels with their SBCs! Perhaps I’ll set up something cool in my living room like… A weather forecast screen? The stock market? Live GPU prices?
For completeness sake, Cage isn’t the only way to do this. Gamescope is another popular “kiosk compositor”, notably used by the Steam Deck (in the “Deck mode”). And of course the same thing is possible with X window managers as well, Openbox seems to be a popular choice for X11 kiosks.
deleted by creator
