A couple other things
First off, quite possibly the first science fiction movie was Le voyage dans la lune, a silent film made in 1902 based off stories by H.G. Wells and Jules Verne (the French narration can be found here). It has some surprisingly good special effects, and is well worth the 14 minutes it takes to watch.
Also, it appears that Microsoft is actually going to require that all kernel-space drivers be certified in Windows Vista, which I think is going to be fantastic. They are permanently moving graphics stuff into user space, so I don’t anticipate many drivers needing certification. I expect that this will make the Windows kernel much more stable and secure, to the point that the BSoD might be a thing of the past in a few years. The Slashdotters are naturally wanking about OSS issues, but I think this is actually a pretty great change. The worrying part is that they could very well put copyright enforcement stuff in there, which no one would be able to change, even for legitimate reasons. Yes, that would be a poor design decision from a stability/security standpoint, but Microsoft hasn’t had the greatest record with that stuff in the past. Here’s hoping that the execution goes as well as the planning!
The problem with requiring that kernel-space drivers be certified is that there are any number of things that require kernel-space privileges that it’s just not feasible to have certified by Microsoft. This is as much an anti-trust move as anything else; I’m sure that “certification” is going to require exorbitant amounts of fees/knowledge/experience that only major companies can afford.
Think driver development. MS ain’t going to give out their public key, so are the hardware companies going to have to go to MS with each new release of their drivers? What about companies that want to compete with the big boys?
Also, go look up what it takes to get certified with MS. For one, you need a VeriSign ID. That’s $499 to $695. Also, you sign over a whole bunch of rights to MS, including their right to distribute your drivers.
Interestingly, this is also going to affect academic research. I’m doing work on a new network stack – that’s a kernel level driver. And Geoff’s student’s FS that he presented at colloquium a few years ago? FS drivers are certainly kernel-space. This is totally balls.
Also, “The worrying part is that they could very well put copyright enforcement stuff in there….” If you’ve learned nothing else in your 22 years of existence, you ought to know that THOU SHALT NOT TRUST MICROSOFT. Optimism is a BAD IDEA.
I agree that optimism is probably a bad idea. However, I can’t actually think of too many things that require kernel-space permissions. Video, sound, and (I think) printer drivers are all in user-space in Vista, so they wouldn’t need certification. You’ll certainly lose support for non-NTFS file systems, but Windows has never worked well with them, anyway. If you want to do academic research, a closed source OS is just about the worst place to do it, so you’d need to switch your research over to some sort of *nix, where it should have been in the first place. I believe that part of the goal is to have everything running in kernel space first prove that they have well-written code and the capability to provide support for it (which seems like a good idea, though it can be unfortunately costly). The other part of MS’s goal is DRM, which will likely drive at least some people to start dual booting (or just switch to Linux/Mac altogether, which I think would be great), but I agree with you that it would be a simple way to lock down the OS to only allow “approved” content.
Ironically enough, this might be a good way to start seriously developing a microkernel platform (Minix was a good try, but we can do better): putting things like the file system in user space is exactly the way to start accomplishing this (after just about everything is in user space, take out the MS kernel and put in something small and shiny, and you’re good). The one caveat is that it would probably require the process scheduler to put the kernel on one core of your dual core machine, and run everything else on the other, in order to make context switching faster. I don’t know if Microsoft is planning to do this, but it would be interesting to see what happened if they did. (I recently got to hear Rik Farrow give a talk about security and microkernels, which is why I bring this up).