A Dream for Tomorrow What You Lost Today

Exile Heavy Industries is for the lost: for those who do not belong in the current computing environment of docker, VMs, "containers", and microservices, who are certain we haven't yet reached the end of computational evolution, and who resist needless complexity, preferring instead an endlessly reconfigurable system of simple parts. In modern computing, on nearly every front and in every market, we're seeing more invasions into user privacy, greater betrayal of user trust, and ever more insulting limits on what users can do with their platforms, in the name of their protection. Protection should be a mix of good practices and well-designed, resilient, or even anti-fragile programs and services that make it nearly impossible to simply inject code into a running process to compromise the system, with clearly documented best practices so the user can decide what level of risk is acceptable in their scenario. If the user is not able to control their own system, they no longer own it, and are most likely the product being sold. This is nightmarish, and only gets worse with the known behaviours of popular search engines and social media giants to construct echo chambers and influence user thought. I'm well aware this sounds like the ramblings of a madman, but these are things that have been documented as happening. It also makes sense: if ad revenue supports a site, they want you to stick around as long as possible. Whether that means surrounding you with people that you agree with or building totems of those you disagree with, it's only in their best interest to get you engaged.

Now, things don't have to be this way, though it's hard to imagine them being considerably different. In order to reclaim control over your life and mind, you have to get rid of these popular tools and websites, and that simply may not be practical. Some people need to be on Facebook or Twitter or similar social media for work; sometimes the personalized results from Google are really what you needed, and a non-profiling search engine just doesn't cut it. Most commonly, you're stuck on a platform because necessary tooling isn't available on a competitor's platform. While this is understandable, it shouldn't be acceptable. Open standards will allow users to move their data and services around as desired or necessary, giving them control again. This, of course, is generally antithetical to the bottom line of mining your data to sell to advertisers, and as such is unlikely to be widely supported by most commercial platforms, at least in a user-facing capacity.

The bottom line is simple: you do not have control. While there's nothing new about the concept of trying to understand and influence groups of people, what is new is the overwhelming presence of these mechanisms and the fact that we have whole industries supporting themselves on such practices. Google and Facebook are only the two most visible and most often reported on. It's becoming increasingly difficult to escape, and even the most effective methods to do so, like ad blockers, content filters like uMatrix and Privacy Badger, and simply disabling the JavaScript rendering engine, only make your browser sessions stand out even more! You may be able to reduce the amount of data available to these services, but in doing so, your session becomes more unique.

In Exile

As you may have caught on by now, we at Exile Heavy Industries are absolutely opposed to the way things are going. We're working to create technology that can be understood, and that is designed to put the power back in your hands. Software should be simple, and the venerable UNIX philosophy reflected this. "Do one thing and do it well." is a fantastic starting point, but as great as UNIX was for its time, and as much as it remains one of the better computing models in use, it's lacking in a few areas. The monolithic design that all popular descendants have inherited makes it harder for the unfortunately proprietary drivers necessary for critical functionality in many embedded devices to remain compatible without spending additional resources to actually ensure compatibility with updated kernels, or other critical portions of the system, like the libc. This issue is most visible in the world of ARM devices, like cell phones. In this area, it's more obvious on Android, where some models don't get kernel upgrades because the phone manufacturer didn't want to deal with compatibility issues, or the SoC has reached end-of-life, and upgrades of the operating system will break the kernel modules/drivers required to actually make the device remotely useful. iOS has the same issue, but Apple knows exactly which systems they're targeting, and doesn't have to release their kernel or driver code to anyone, in part due to the more permissive licensing model of the base system and the fact they have no downstream consumers of the code. So they get a bit more longevity, far from indefinite, but more than you can generally expect on Android.

The most obvious solution to this problem is to use a different model, like a microkernel, where it's possible to have drivers use a standard API to communicate with other system resources, typically operating in isolation from other portions of the system. Perhaps the best example of this is MINIX3, though there's also the L4 kernel and the anticipated Fuchsia project from Google, which is expected to replace the current Linux-based Android system. I think this is a great place for such designs, especially since the additional latency that historically led to reduced performance is not as much of an issue on current systems. The model also allows for greater security through auditing messages passed between components, and greater reliability through being able to restart a failed service or component without taking down the whole system with a kernel panic. However, I'm not certain that this is the road that I'd like to see an in-house OS like Exile take.

It's our goal to work on a new exokernel OS, where the kernel itself basically only initializes the hardware to be usable and then works in conjunction with an authentication daemon to ensure that requested resources are allocated and managed in a secure manner, using a role-based access control framework, similar to what has been implemented in illumos RBAC and grsec RBAC, though obviously with some tweaks, as Exile would not have the same model at all. The roles and access restrictions would not be modifiable without restarting the authentication daemon, which only the "super user" would be able to request. That user, of course, will not be named "root" or "toor" and will not necessarily have UID 0, as such conventions provide predictable attack targets. Additionally, Exile would be an OS with a focus on security from the outset, working to ensure that we can have technologies like ASLR, W^X, NXSTACK, Cross-DSO CFI, executable integrity checking, and so on from the start. Provided enough time and resources are made available, Exile would be able to ship with a default set of applications, many of which may have to be rewritten from scratch, but with the goal of being secure by default and still allowing a user to get work done.
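
A minimal model of the policy behaviour described above, as an added example that is not Exile code: roles are frozen when the daemon starts, decisions depend only on assigned roles (never on UID 0 or the name "root"), and a policy change is only possible through a restart requested by the administrative role. Every name here (AuthDaemon, the "warden" role, the accounts and UIDs) is hypothetical.

```python
from dataclasses import dataclass
from types import MappingProxyType

@dataclass(frozen=True)
class Subject:
    name: str
    uid: int  # carried for logging only; never consulted for decisions

class AuthDaemon:
    """Hypothetical daemon: policy is frozen at start; changes need a restart."""
    def __init__(self, roles, assignments, admin_role):
        # role -> frozenset of (resource, action) grants, behind a read-only view
        self._roles = MappingProxyType({r: frozenset(g) for r, g in roles.items()})
        # account name -> frozenset of role names
        self._assign = MappingProxyType({n: frozenset(r) for n, r in assignments.items()})
        self._admin_role = admin_role

    def _roles_of(self, subject):
        return self._assign.get(subject.name, frozenset())

    def allowed(self, subject, resource, action):
        # Only assigned roles matter: no shortcut for UID 0 or the name "root".
        return any((resource, action) in self._roles.get(role, frozenset())
                   for role in self._roles_of(subject))

    def restart_with(self, subject, roles, assignments):
        # New policy takes effect only via a restart, modelled as a fresh instance.
        if self._admin_role not in self._roles_of(subject):
            raise PermissionError("restart requires the administrative role")
        return AuthDaemon(roles, assignments, self._admin_role)

# Constructed sample policy (all values are illustrative assumptions)
ROLES = {"warden": {("disk0", "read"), ("disk0", "write")},
         "operator": {("disk0", "read")}}
ASSIGNMENTS = {"ishmael": {"warden"}, "alice": {"operator"}}

def demo():
    d = AuthDaemon(ROLES, ASSIGNMENTS, admin_role="warden")
    root, admin, alice = Subject("root", 0), Subject("ishmael", 4711), Subject("alice", 1001)
    out = {"root_write": d.allowed(root, "disk0", "write"),
           "admin_write": d.allowed(admin, "disk0", "write"),
           "alice_write": d.allowed(alice, "disk0", "write")}
    try:  # editing the live policy is refused by the read-only view
        d._roles["operator"] = frozenset({("disk0", "write")})
        out["live_edit"] = "accepted"
    except TypeError:
        out["live_edit"] = "rejected"
    return out
if __name__ == "__main__":
    print(demo())
```
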

There are no plans for supporting AMD64 platforms, as they are inherently insecure, and are completely opaque to the users. Exile will only consider open ISAs as first-class targets, ideally starting with RISC-V, though MIPS is also a possibility. This would enable us to fully explore what the CPU is doing and potentially even expose that level of detail to users of the OS. The clean break from existing codebases would also provide an interesting means of exploring "solved" issues, such as service management, and considering new ways to address them. Thanks to SiFive and Imagine, we are currently in one of the most exciting times to be alive, if also the most dire thanks to the likes of Google, Facebook, and Amazon. So while this page may have become a bit rambly, if you'd like to see some new ideas in computing, consider keeping an eye on Exile Heavy Industries projects, and possibly supporting us somehow. We love technology, but we're terrified of where we're headed, so help us do what we can to push things back towards user control.