End to all Desktop problems?

Posted by Roel Gloudemans on 12 February 2008 | 0 Comments

Tags: virtualization, desktop

Some consultants would you believe that virtualisation technology will solve all your desktop problems.... Yeah, right!

The assumption is based on the fact that many people believe that desktop stability and the data loss that goes with it, is the biggest problem. It is true that one misbehaving application can bring down your complete desktop computer. If every application is run in its own virtual machine (VM), which contains only the absolute essentials for the application to work. This would:

• stop applications from influencing each other. A problem in one application will not affect the other one
  
• prevent the famous windows DLL dependency hell (or shared object hell if you're a *nix person)
  
• keep the Operating System (OS) to a bare minimum. Since all logic to access the hardware is in the VM. The operating system is just a Hypervisor and maybe some user interface elements.
  
• drastically reduce the chance of security exploits and bugs in the OS, since there is less code in the OS
  
• a driver problem only kills the application using that driver
  

Now, in my opinion, this makes no sense at all. While I do believe, it is a good idea to run e.g. a web browser in a VM, for most desktop applications is isn't. These are the reasons that spring up in my mind:

• No interaction between applications means no data exchange between them. The concept of "copy and paste" and "drag en drop" needs a complete overhaul
  
• All the applications together will make up most of the complete OS from the "Old" environment, the only thing changed is the shift in responsibility
  
• Application developers don't want to reinvent the wheel from scratch for each application. There will be standard libraries is each application. What happens if a security flaw is discovered in that? Not one hole to patch, but many!
  
• Each application still needs access to the data, so an exploit in your application still puts your valuable data at risk
  

Virtualisation can help creating a more secure desktop, but it'll have to be used on todays desktop technology.

The best way to a more secure and stable desktop environment must come from the OS itself. Proper role and memory separation and a good Quality Assurance program for driver development. While companies like Microsoft have an excellent QA program, it is not mandatory. The Open Source model actually helps driver development. The developer can see all the kernel code, copy, reuse and discuss with the rest of the world.

A stable and secure desktop is possible now, it is just a case of picking the right technology and actively work on putting legacy applications of of business, or in a VM. Linux anyone? (or BSD for that matter)