(译文) 为什么我们需要一个新的操作系统?

Thomas Hintz

Creator of 3L Project

本译文已得到原文作者的中文翻译许可,并采用与原文相同的许可协议 - 署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0) 进行授权和传播。



Understandably the most frequent question with regards to the 3L Project is why do we need a new OS? The answer lies in the history of the mini and micro computer and the momentum behind supporting legacy software.

可以理解,有关 3L 项目 的最常见问题是「为什么我们需要一个新的操作系统?」。 其答案存在于迷你和微型计算机的历史,以及支持传统软件的推力之中。


When mini and micro computers were built in the 60's, 70's, and 80's memory was limited to kilobytes or a few megabytes and processors ran slower than snail speed compared to today. When the first operating systems were being developed for low resource computers they had to be as lightweight as possible. So OSes were written in assembly or C and were more a collection of libraries than a manager of resources and scheduling of programs, out of necessity. As computer memory and processor speeds increased OSes grew to handle more common tasks but budget computers still required a fast, lightweight OS to be practical. By the time budget computers became powerful enough to handle a more heavy-weight and comprehensive OS we were locked into old architectures because of the momentum built over time when computing resources where limited. Windows, Linux, Mac OS X, and the BSDs we have today are still built using the architecture developed when computing resources were limited even though it is no longer technically necessary.

当迷你和微型计算机在60年代、70年代和80年代被建造出来时,内存被限制在千字节或几兆字节, 并且处理器的运行速度与当下相比简直比蜗牛还慢。在为低资源计算机开发第一个操作系统(OS)时,它们必须尽可能地轻量级。 因此,由于这样的必要性,操作系统都是用汇编语言或 C 语言编写的,这就使其更像是一组库的集合,而不是作为资源和程序调度的管理器。 随着计算机内存和处理器速度的提升,操作系统可以处理更多的常见任务,但经济型计算机仍然需要一个快速、轻便的 OS 才能变得实用。 到经济型计算机变得足够强大,可以应付更繁重和功能更全面的操作系统的时侯,我们却被禁锢在旧的架构之中, 因为,当计算资源有限时,这种势头(译注:指,被禁锢在旧的架构中)就会随着时间的推移而建立起来。 尽管在计算资源有限时所开发的架构在技术上已经不再是必需的了, 但我们今天所拥有的 Windows、Linux、Mac OS X 和 BSD 系列的操作系统,依然是采用这样的架构构建的。


Another change since the original OSes were initially being built is the need for security, both from hostile entities over a network and a separation of programs running together on the same machine. As security became more important features were tacked on to the OSes to combat the problem (along with hardware features like the MMU). But fundamentally the way in which programs ran and were developed is the same. The security features that were added still relied heavily on the kernel and application developers doing the right thing and not making mistakes.

自最初的操作系统开始构建以来,另一个变化是对安全的需要,既要防止网络上敌对实体的攻击,也要隔离在同一台机器上运行的程序。 随着安全变得越来越重要,一些特性被添加到了操作系统中以解决这个问题 (包括像 MMU (Memory Management Unit) 这样的硬件特性)。 但是,从根本上说,程序的运行和开发方式还是相同的,所添加的安全特性依然严重依赖于内核和应用程序开发人员做正确的事情而不犯错误


One of the most significant changes in the past couple decades has been the networking of computers. Whereas before programs were assumed benevolent and trustworthy we now have to deal with many cases where we must assume programs are not trustworthy. Unfortunately little power has been given to users to control what a program can and cannot do.

在过去的几十年中,最重要的变化之一便是计算机的联网。在这之前程序被认为是善意和值得信任的,而现在我们不得不处理许多情况, 我们必须假设程序是不值得信任的。不幸的是,用户只有很少的权力去控制程序该做什么和不该做什么


Another development has been in Computer Science research done in the last few decades, notably in this case when it comes to improved security measures. We now know of many ways to improve computer security that we didn't know when OSes were first being developed but the momentum from the past and desire to support legacy software has prevented much of this research from being incorporated.

另一个发展存在于过去几十年所做的计算机科学研究里,特别是在涉及到改进的安全措施的情况中。 我们现在知道许多提高计算机安全性的方法, 这些方法在首次开发操作系统时还不知道,但是过去的惯性使然以及支持传统软件的渴望阻止了许多此类研究的进行。


Another area of research has been in the way of compiler design and capabilities. Compilers initially served as a way of making code more portable but now they are increasingly used to perform analysis of the code and improve the speed at which it runs. This enables the usage of languages and paradigms that previously were too slow to be practical on machines with limited resources. Rarely though has the OS taken full advantage of these advances by allowing developers a more friendly environment for OS and application development.

另一个研究领域是编译器的设计和性能。编译器最初是用来提高代码的可移植性的,但现在它们越来越多地用于执行代码分析和提升代码运行速度。 这使得以前在资源有限的机器上过于缓慢而不实用的语言和范式被应用了起来。 但是,操作系统很少通过为开发人员提供更友好的 OS 和应用程序开发环境来充分利用这些优势。


Taken together all of these advances allow us to create a significantly better OS than we now have and an OS designed to address the challenges we face today. Unfortunately, taken as a whole, they are too far from the way programs have been developed for decades to make adapting current OSes to take advantage of and address the concerns of today. Attempting to retro-fit a current OS would result in the requirement that nearly every program would have to be rewritten. Since this is the case it makes little sense to spend the time and effort required to adapt a massive piece of software when it would take less effort and time to build something from the ground up.

综合所有这些优势,我们可以创建比现有更好的操作系统,一个用来解决我们当下所面对的挑战的操作系统。 不幸的是,从整体上看,它们(译注:即,更好的操作系统)与几十年来程序的开发方式相去甚远, 从而无法适配当前的操作系统以利用和解决现今的问题。尝试改造当前的操作系统将使得几乎所有的程序都必须重写。 既然是这样的情况,那么在从头开始构建所需的精力和时间更少的情况下,花时间和精力来适配大量的软件就没有什么意义了


In the future do we really want to continue to be tied to the past? Building an OS is a massive undertaking but it is a worthwhile investment. As more of our lives and more money moves on to computers and relies on networking it is only going to become more and more important to develop strong security mechanisms and it makes little sense to be hampered by the past. If we can do significantly better we should. Just like building new infrastructure in a country requires a massive upfront investment we know it pays off in the long run.

在未来,我们真的想继续同过去绑定在一起吗?构建一个操作系统是一项巨大的事业,但这是一笔值得的投资。 随着我们的生活和金钱越来越多地转移到电脑和网络上,开发强大的安全机制只会变得越来越重要, 被过去所束缚是没有意义的。如果我们明显可以做得更好,我们就应该做到更好。 就像在一个国家中建设新的基础设施需要大量的前期投资一样,我们知道,从长远来看,这是值得的。