I looked at it a while back with an eye towards doing some work on it, but I'm interested in file systems and large storage and Hurd was limited to a max of 4GB per file because all files were memory mapped all the time and Hurd only runs on 32-bit architectures. So, for me, the amount of work before I could do something interesting was pretty steep.

I think the main reason that microkernels don't have great performance is because not much work has been put into them. I worked on Apple's Copland OS back in the mid-90's (the "failed" OS before OS X). Copland was a true microkernel and there were a number of performance optimizations that we'd put in. Had it shipped, we probably would have started making some modifications to the CPUs to support the microkernel better as well.

A big issue for performance is switching between processes. If you have to make multiple process switches for each kernel call that can get slow due to things like reloading the MMU tables, etc. There are a lot of different paths that could be taken. I could imagine a micro kernel, for example, written in Java or similar language running in a VM that enforced fine-grained memory controls, e.g. at the object level. If you used this for memory protection between trusted (e.g. OS level) servers you could avoid the hit of reloading the CPU's page maps. User space separations could be enforced by the CPU for better security.

Google is really missing the whole point of Facebook (Facebook tends to miss it too). It's not about whizzy features, it's about interacting with your friends. I don't use Google+ because few of my friends do. I really don't want to have Google+ OR Facebook finding new junk to stuff in front of me. I want to find out what my friends are up to. It's better than emailing stupid jokes around.

I suspect too many Google staffers are never leaving the Googleplex anymore.

There's a difference between a microserver and cramming 1800 of them into a rack. A product like this comes down to cost efficiency. Is this cheaper than an equivalent amount of Intel/AMD based computing? If it's not cheaper on the hardware, how much floorspace does it save? How much does your floorspace and electricity have to cost to make this worthwhile? What's your workload that requires this thing?

Unfortunately it doesn't "just work".

I have a Mac Pro 17" with Thunderbolt that I mainly use to hook up an external monitor (Thunderbolt->DVI with a KVM switch in between).

I picked up a LaCie Thunderbolt-SATA adapter to mess with. Plugged it in between the laptop and the KVM switch. Oops. Video quality goes to hell. If I pull the KVM it works better, but that kind of screws up my desktop.

It would have been nice if Apple had put two (or more) Thunderbolt ports on the machine but, hey, all you need is one, right, because it's so fast. Until you get something that doesn't play nice with the spec into your chain.

Thunderbolt is gearing up to be the Firewire of the 21st century (and I say this as someone with a whole rack full of Firewire equipment) - cool but not supported well enough to have any long-term longevity.

While cute, this is really overthinking the problem.

If you want to kill lots of people in an aviation related way, send a suicide bomber to the security checkpoint at Thanksgiving.

If you want to get weapons onto the plane, infiltrate someone into the cleaning staff or maybe the caterers. There are lots of people and vehicles who enter the airport without being rigorously searched. Have them leave a weapon for you in the airplane's bathroom or taped under your seat.

Heh - I was selling computers at the UCSD bookstore around that time and I had a customer come in one time and tell me that another store had sold her a "DBase" machine and she wanted to figure out what it was. Turned out to be an Apple II+ with a CP/M card.

No, I'm tired of companies and people trying to assert rights they do not have. BTW, this post is copyrighted by me and if you reply to it you will have to pay me $10 (feel free to call me a jerk).

Or don't use the sandbox. It's an added feature that most languages do not have.

Implementing your own system that meets your needs is not being a jerk. Asserting rights that you do not have is jerky behavior. Oracle is being the jerk in this instance.

That's just dumb. The security problem is that the sandbox has too large of an attack surface. If you're using the OS to contain untrusted code, rather than the sandbox, Java is just as secure or insecure as C or Perl.

That security is just designed to let Apple spend less effort curating the App Store. Most commercial applications are not trying to do bad things to customer's computers and most commercial applications do not have wide enough distribution to be an effective attack vector. All of that security is just there so that it is hard for people to use the App Store as a malware distribution platform. It doesn't actually provide much benefit for software users and it is a royal pain in the ass for software developers.

And who says the sandbox is secure? Java has had a "secure" sandbox for years - now that it's getting some attention it turns out to be full of holes. The OS X sandbox is not as simple as a chroot'd jail and has lots of "magic" in it to make things happen. There will turn out to be a massive exploit in there somewhere, just watch.

How quickly they forget. When the iPhone was announced, there was no app store and no plans for an SDK. Jobs said that you should make web apps. Maybe there were secret plans for an SDK but that was the official story for some time.

I ran without an adblocker for the longest time because the ads on the side don't bother me. Even the occasional interstitial I could deal with. Then, one of the sites I visit regularly started running that damned Meebo toolbar that manages to cover part of whatever you're looking at. It looks like it's been fixed but for a while it repopped up on every page you went to on the site. So, I installed an adblocker, and I've been a happy camper ever since. I don't even think about it running anymore.

This is sad for the sites who have not been annoying with their ads. However, even those sites that want to keep the ads under control apparently have trouble. The writer at Destructoid said that they try to keep the annoying ads out, like the ones that start running audio as soon as you open the page. Try is the operative word, though, and many other sites do not try, so it's always a possibility that something stupid will start blaring out of your speakers. The industry as a whole needs to stop looking at consumers as sheep to be milked instead of customers to be convinced.

No, what you said is:

The reason I mention the sandbox is because that is where the exploits are. Would you care to bring up another Java language feature that's a security hole?

You're welcome to use the tools you like. And you're welcome to criticize the tools I like, if your criticism is based on facts. All I ask is that you not spread falsehoods.