Linux Kernel On Windows 10

[Rachael]

https://devblogs.microsoft.com/commandl ... ing-wsl-2/

On Monday when I was first aware of this - I was both excited about it, and a bit worried, but probably not for the reasons you would expect.

From what I understand of the blog, the kernel (and subsystem) will unconditionally ship with all versions of Windows - which, to some extent I can understand because that greatly simplifies the process of taking advantage of WSL on your system. All you then need is to install a distro.

However, with every feature comes potential problems, and this is not explored or discussed enough in the wider community, in my opinion. WSL1 was a fairly isolated feature that did very little to interfere with the operation of Windows at large, and I expect WSL2 will be much the same. WSL1 was a system driver that had a kernel-like implementation - I am not sure what WSL2 will be, I expect it will be similar. So the potential issues there are not much of a worry, for me, if it's buggy it's not likely to cause problems if you never use it.

What I worry about, as someone who is training to be a pen tester, is that this increases Windows' attack surface for vulnerabilities. We already have nasty Powershell malware, now we will potentially have the ability to use Linux's own Bash to distribute malware, too. And unfortunately, with WSL, Linux user accounts are not properly secured against base file system access - it's possible to write Linux malware that can encrypt a user's personal files and demand ransom, much like it is possible to do so with pure Windows code, today.

Another issue is that the kernel that will be shipped will also not have been properly vulnerability tested - meaning privilege escalation is another potential huge issue. i.e. if you're browsing the internet, it might be possible to make a Linux system call which is forwarded to Windows which grants administrative access without the end-user's authorization. We don't know if such vulnerabilities exist yet, but it's definitely something to look for in the coming months.

And then there's the Linux kernel, itself. Yes - it is very secure - however, it has never suffered the trial by fire like Windows has. Yes, Android exploits are common, but they're more common for the Android layer, itself, than for its Linux kernel.

Overall - I am actually really excited for this development and I can't wait to try it out - but I think everyone should be cautious when it goes live in (most likely) this year's October update. We'll see what happens.

[Graf Zahl]

Interesting developments. What I really wonder about is if this is the first step in transitioning Windows itself to a Linux kernel.

[Rachael]

That's been suggested as a possibility, but highly unlikely. It would be nice, though.

Though, it'd be really nice to see is Windows' GDI have native X11 (and in the future, Weyland) support. Then I can ditch these shitty Windows themes forever and just load a Linux WM and have whatever I want for window borders - without hacks.

[Graf Zahl]

That's been suggested as a possibility, but highly unlikely. It would be nice, though.

As unlikely as the current developments would have been 10 years ago, huh?

[Rachael]

That is true. But still - Windows Server is still Microsoft's bread and butter in the software market, and they're unlikely to drop that, anytime soon. It's been theorized that the biggest reason they're picking up the Linux kernel is to make Azure more appealing so that they can compete with the likes of Amazon and other cloud service providers. And having Azure support both native Windows and Linux apps could put them ahead of the others very easily.

This would make far more sense, since Microsoft is ultimately, like any other business, focused on financial gain.

[Matt]

Any thoughts about folks saying this is a particularly ambitious case of Embrace, Extend, Extinguish?

[gramps]

Maybe a less gimmicky variant. They don't necessarily need to add proprietary extensions in this case; the "extend" part might be already covered just by being able to run all the usual Windows software alongside the *nix stuff.

If they do start adding goofy proprietary gimmicks, I guess we'll know for sure. For now, I'd say it doesn't really seem any more sketchy than Mac switching to a BSD or even Linux running Wine.

[Rachael]

That is a possibility that has been brought up before. However the Embrace, Extend, Extinguish line was financially motivated - and this time, their financial motivations are towards Azure.

Microsoft can't kill Linux. They know this. They might be able to severely wound it, but no matter what they do it will come back. This does not seem to be that kind of a thing.

There is a definite "Embrace" and "Extend" part going on here, though. What this ultimately comes down to, though, is that they will have to support this for years to come, since it is becoming an official feature of Windows. That means it's likely programs will take advantage of this, especially high-level language interpreters/compilers, and "extinguishing" this means that compatibility will break.

We'll have to wait and see. I'm not saying it's impossible that Microsoft would try - I'm just saying it's not in their financial interest right now to do so. If Microsoft would ever be able to kill Linux, they'd have succeeded in the 90's when the battle was in full heat.

Let's also not forget that Microsoft is being led by completely different individuals than they used to be, with different goals. It's not about OS's anymore as much, they lost that battle when Android basically killed them in the mobile market, which they really thought that's where the big money would be for them. (And they would've been right, if they had only done it correctly)

[Chris]

There is a definite "Embrace" and "Extend" part going on here, though. What this ultimately comes down to, though, is that they will have to support this for years to come, since it is becoming an official feature of Windows. That means it's likely programs will take advantage of this, especially high-level language interpreters/compilers, and "extinguishing" this means that compatibility will break.

It wouldn't be extinguishing the feature, but extinguishing the original. Like with Java, they similarly embraced that with Windows by including compatibility as a standard feature. Then they extended it with proprietary additions that weren't in the original. The extinguish wasn't them then cutting Java support, instead Microsoft proceeded to make Sun's Java useless since it didn't contain MS's proprietary additions that many new Java apps came to rely on, thus attempting to extinguish the original and leaving theirs as the only viable version. Sun had to take them to court to stop it.

[Rachael]

Well there is nothing I can do to argue against that point.

I am hopeful that it is not what it seems. But I am fearful that it is.

But Linux has proven, time and again, that no matter what Microsoft has tried to do, it has survived. I still believe it would take something extremely evil, significant and well-planned out in order to succeed.

[Graf Zahl]

There's one major difference between Java and Linux, though: With Java, Microsoft was attacking a single closed source target.

With Linux being open source with a very distributed developer community this cannot happen - they have to comply with the license and release all source code for their derivate. So even if they tried, they'd have to disclose all the work they do.

But ultimately this comes doen to what Rachael said: The people calling the shots these days have completely different goals. The main reason here is not extinguishing Linux, but that they need to be able to get a working Unix-like environment to do their own work.
As some articles have mentioned, currently the only way to get a well-integrated Unix/GUI combination is macOS, and having to depend on Apple would be sheer insanity for a company like Microsoft.

It's really not that much different from why Visual Studio these days allows to cross-compile for various platforms: Since Microsoft itself has branched out from pure Windows development they need some way to work on these platforms - and I cannot fault them for preferring their own proven tools for that.

The closest they can come to extinguishing Linux is as a desktop OS, because that's where it is weak and vulnerable. To do this they'd have to transition Windows to a Linux kernel and build a modern OS with all the bells and whistles around it, like macOS did with BSD. And would that be such a bad thing?

[Kinsie]

Microsoft is more interested in services and things that drive people to pay for those services than stand-alone software nowadays. A lot of those services revolve around servers and other online technology, which is where Linux and open-source software tend to come in - whether for native server software or for web development tools like Ruby on Rails and Docker.

This is less about the Borg-like consumption of regimes past, and more about finding more razor handles for which they can sell blades.