It’s Time For a New, Highly Secure OS from Apple That Hosts Both OS X and iOS

| Particle Debris

I've had some thoughts lately about Apple's OSes. It's all just whimsy, but I like to go where no one else goes. Take a short trip down adventure lane with me.

Apple's OS X, derived from the legacy BSD UNIX (from late 1970s), was born in the mind of Steve Jobs and engineers at NeXT more than 20 years ago. It came to fruition at Apple in March 2001. It was a product of its time. iOS was launched for the iPhone in 2007 and designed for hardware that was one percent the speed of Apple's modern A9 SoC. Perhaps it's finally time to move on to a hybrid OS that can run both. But there's more. And for a reason.


IBM has the lead on Apple with the AI called Watson. It's being used for many projects.

The Birth of an OS

Operating Systems are born on the hardware of their day. For example, the classic 32-bit Mac OS running on a PowerPC chip could never run on an Apple II with an 8-bit 6502. The current 64-bit OS X could never run on the old Motorola 68040.

Put another, inverse, way, as the hardware gets faster and faster, the original OS has more and more performance headroom. That's usually filled by adding features and complexity in the name of competition, marketing and planned obsolesce.

However, what if that ever increasing headroom, derived from really fast hardware, could be put to use for a better purpose, namely security. Better security is what we need right now.

Just as we ran the Classic Mac OS in an environment ("The Blue Box") on modern Macs inside OS X, I think we'll soon have enough hardware headroom to run both OS X and iOS as residents inside an outer wrapper of, say, a Swift-based host OS, an AI agent, that does a lot of things that a naked OS can't (or shouldn't) do for itself.

The Death of an OS

What I'm talking about is a host OS that than can run either OS X or iOS (or both simultaneously) in a highly secure environment. The host OS can attend to the health, integrity, safety and robustness of the guest OS that it protects. It could check for corruption, block apps that upload stolen information, look for malicious HTTP streams, create trapdoor security enclaves against intrusions, offload the client OS from all kinds of messy housekeeping and band-aid elements that are tacked on to each OS every time a new kind of threat crops up.

The host OS could also allow the customer to run the desired OS depending on the occasion as needed. Tim Cook has emphasized, and I agree, that merging the two OSes, isn't the answer. Each OS, pointer-based OS X and touch-based iOS, serves two different needs. Each is superb at what it does.

But a host OS that could run each of iOS and OS X in a more secure environment could lead the way to a MacBook that runs OS X when the display is attached to the keyboard and also run iOS when the keyboard part is detached. Or not. (I'll leave the challenge of direct connect to the encryption and security hardware to Apple engineers.)

The Next Generation OS

On page two here, I reference several elements that could play a part in this: Intel's Optane technology, Apple's need to breathe new life into the iPad line, and OS X checking on malicious apps. Sure, you can fiddle with the name of the next 9.7-inch iPad, add a pencil and P.I.P. but new growth and advances in the user experience will ultimately come from new thinking about continuous advances in hardware technology.

OS X is almost 16 years old, and there's no sign it will ever be quite as secure as iOS for technical reasons. But customers have a huge investment in apps, and they love their Macs. Perhaps it's time for that supervisor OS that has the means to monitor the activities of OS X and better look out for it. It would exploit all the coming advances in hardware speed for an AI agent, one that's far beyond the capabilities of any patchwork fix-ups to OS X.

Apple never invested much in supercomputers and AI agents like IBM's Watson. Now, it's time to catch up.

The unsavory alternative is to use the faster and better hardware of the future to push an aging OS X to extremes it was never meant to endure in a graceful, simple way that "just works."

Just some thoughts. Tell me yours.

Next page: The Tech News Debris for the Week of March 7th. Whoa!  Connecting the cord! And an iPad branding conundrum.

Popular TMO Stories



Just as we ran Classic Mac OS in an environment (“The Blue Box”) on modern Intel-based Macs inside OS X,

Um I think you misspoke. When running Classic (Mac OS 9.x) in Mac OS X, it only ran on PPC (G3, G4 & G5) hardware. :-(

John Martellaro

Furbies: You are right.. I was thinking of a technology called “Rosetta” that allowed PowerPC apps to run on Intel hardware.

The “Classic” Mac OS worked up only through 10.4 Tiger, but not on Intel. Thanks for catching.


OSes should never be noticed. The headroom you speak of may not matter if taken up by an OS for most people, but I want an OS that uses as little processing power as possible. There is no reason to build a new “wrapper OS.” Swift is a joke it is a toy language.


“There is no reason to build a new “wrapper OS.” Swift is a joke it is a toy language.”

Is that really the case?

I am not an expert in all things programming but Swift does seen to be gaining some traction, being used by IBM, open sourced for Linux and, if I am correct, now being considered as an option to develop apps for Android.

My understanding is that Swift is a robust language with strict typing and it is also designed to be used for functional programming, both of which enforce the writing of much better code. It also apparently addresses many of the shortfalls of C and objective-C. At the moment it may be a drag because to develop for Apple OSes you also should have an understanding of Object-C so as to be able to work with all the APIs/frameworks.

Swift may be in its incunabula stages and I have to admit, learning it in the first year and a half has been at times frustrating. Features of the language were changing quite rapidly, but as of Swift 2 it has become much more enjoyable to use.

Yes Playgrounds look like toys, but they do help visualise many programming and logical concepts in real time. This is good for educational purposes and for even more experienced practitioners looking to prototype an idea quickly, playgrounds are a very useful tool.



One of the reasons I enjoy reading your columns is you never cease to pose challenging questions and out-of-box ideas, this week’s PD being no exception.

That said, I am not certain that you’ve made an iron-clad case for a host OS, particularly one that would both host OS X and iOS, and permit one or both to run on a Mac and/or an iOS device. I say this as one with admittedly no programming experience, apart from the one course I took as a young lad in secondary school in Basic and Fortran, which only served to teach me that there were blokes in my school (all boys school) who were already far ahead of me in these languages.

Your argument about the best use case for the headroom made available by ever faster, more capable hardware is both valid and important. What gives me pause, however, is Apple are all about the user experience. Whatever the product, and however secure it may be, these features should not mar that experience nor make it painful (yes, I know some would point to iTunes as a counter to that argument, but I see that more as Apple’s Frankenstein’s monster, which they have not yet figured out how to put it down without squandering a life’s work). If they chose to go with a host OS for security’s sake, there are two specific challenges to the user experience.

First, there could be no perceptible decrement in the speed, responsiveness or capability of the hosted OS (OS X or iOS). The host OS would have to stay out of the way of the user when accessing the target OS. The question is, could the burden for realtime monitoring and security be laid onto the host OS without reducing the hosted OS performance or its ability to evolve. In my unlearned and layman’s viewpoint, this may be no simple hurdle, and the ability to continue to evolve OS X and iOS could be of particular importance.

The second challenge is related to Dave Hamilton’s piece from 04 March on decryption keys, and that trade off between security and convenience, in this case, would be how to make the host OS a world class and adaptable bulwark without becoming an inconvenience or barrier to the user. One of the reasons OS X and iOS are such joys to use is that, in most cases, they’re ready to work when the user is. If anything, we’ve grown to expect faster and more convenient user interfaces, including an increasing reliance on voice. I look forward soon to being able, in either iOS or OS X to say, ‘Hey Siri, display the last grant proposal I was working on, and show me where I left off’, without my having to go searching manually for it, or ‘Send section X or pages X to X to this person in my contacts list and ask them complete this section and return it in two weeks time’. What would be the convenience cost of a host OS to my accessing either Siri, my apps or files? Would this be a one-off toll or would I have to pay that toll every time I return to my work? Could clearing the host OS be done biometrically such that my device imperceptibly takes my print, voice and/or iris scan without my having to anything other than touch or look at my device and seamlessly get to my desired OS? The more facile and unobtrusive Apple could make this, the better for the user experience, but would that leave it sufficiently secure?

It seems to me that a great deal of thought and thoughtful engineering would be required make this seamless and secure, whilst preserving adaptability of both the host and hosted OSes. Rather, the approach Apple seem to have taken for security with both OS X and iOS is to remove the ability of customisation from the user in anyway that would compromise security, such as hiding the system file in OS X. I should think Apple will continue along this path, hardening these systems by fire-walling vulnerable systems from the user and bad guys alike with novel hardware and software innovations. Still, the host OS is an intriguing concept.

As for Nadella and MS, I believe he will be credited with having not only saved the company in time, but in preserving its relevance.

Regarding the iPad, while Adrian Kingsley-Hughes makes some valid observations, I don’t believe the iPad is need of ‘saving’, as the modest decline in sales is no death spiral. Rather, Apple will need to continue to address the tension between consumption and productivity on this device in such a way as not only to protect price point, but to expand its capability for the majority use case. Adding features that the majority do not use, and that interfere with most users, would not be helpful. I think the solution has more to do with the users than it does with the device, and that Apple will have to gradually expose users to greater productive capability over time. Still, I’m looking forward to 21 March and a new 9.7” iPad.


I want to run IOS and OSX on the one device too, but hosting it under some super-OS is not the solution. There is no extra security to be found here. Running things under different OSes can have security at the expense of a total separation of worlds. You don’t want this in your OS. You want as much separation as is necessary, BUT NO MORE. This is what a well designed OS gives you.


The basis for the “new OS” is already there. It’s the Mach microkernel. And it’s already there for both OS X and iOS.

For implementations reasons, Apple blurred the line between Mach and the BSD parts of the kernel but those could be redefined.

John C. Welch

“Hypervisor”. the word that describes the concept you are talking about is a hypervisor. It’s not new. not even close.

Also, the concept you’re talking about isn’t new. It’s how the XBox One does things.

However, other than some possible security benefits, (none of which does anything against the biggest unsolvable security problem, namely the human), and note: *possible*, there’s no real benefit for this to the people using it.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account