Hello Haiku team,
First of all, thank you for the amazing work you’re doing — Haiku is a remarkably elegant and responsive operating system, and I really enjoy using it.
As a lawyer working in Italy, I rely heavily on digital signature tools (specifically with smart cards such as the ArubaKey), which are essential for signing and filing legal documents.
Unfortunately, I have not found any support or middleware on Haiku for:
- CCID-based smart card readers
- PCSC-lite or equivalent libraries
- PKCS#11 modules needed for crypto operations
This currently prevents me from adopting Haiku in my daily professional workflow, even though I would love to use it as my main OS.
With the upcoming end of support for Windows 10, many users — especially those with older hardware — will face the dilemma of either buying new computers or switching to Linux, which often brings compatibility and learning curve challenges. This could be a real opportunity for Haiku to emerge as a lightweight, alternative OS for office and professional use, especially if essential features like digital signature support were available.
Would the team consider adding support for smart card readers and related libraries in the future? I would be more than happy to assist with testing or even help with documentation if needed.
Thank you again for your work, and I hope this request can help open the door to wider professional use of Haiku!
Best regards,
Sergio
1 Like
It has been in other tropics, that Haiku has security equal to Windows 98, Haiku does not have a firewall, is vulnerable to ssh attacks, is not recommended for daily use for tasks that require security tools, hardware support is incomplete.
Hi @marcoapc, thank you for pointing that out — it’s true that Haiku still lacks many modern security layers, and it’s something to be aware of.
But at the same time, this could be the perfect opportunity to explore more concrete and realistic uses for Haiku. Like any system, it’s about understanding its current limitations and using it responsibly within that context.
After all, no OS is entirely “safe” in itself — not even the most advanced ones, if used carelessly. And if we followed the logic of avoiding anything that lacks full protection, we wouldn’t even be browsing the web with Haiku — and yet many users do, responsibly.
I’m not suggesting we run banking software on it. But there’s still a whole range of everyday uses — document management, retro computing, coding, even some light office tasks — where Haiku can offer a real alternative, especially on hardware that otherwise gets discarded.
That’s the kind of space where I think Haiku can grow and prove itself — not just as a nostalgic project, but as a lightweight, practical OS for specific needs.
Thanks again for raising the point — I think these conversations help push the project forward.
This sounds like FUD, we use the same openssh as everyone else.
Anyway, this doesn’t matter. Haiku not having in-depth security is not an argument to not add any.
(Also, a firewall, as such, is not neccesary on a desktop system…)
2 Likes
This is definitely not true, we have significantly better OS-level security than Windows 98 did, and newer CPU features that Windows 98 did not have access to make a big difference as well (SMAP, NX bit, etc.)
What software works with these on Linux?
1 Like
Thanks @waddlesplash — happy to clarify!
In my case, I use a smart card (ArubaKey AK910, very common in Italy for legal and administrative use). The setup under Linux typically involves:
Open-source components:
pcscd: the smart card daemon (PC/SC service)libpcsclite: the PC/SC Lite libraryOpenSC: middleware that includes PKCS#11 support and tools like pkcs11-toolOpenSSL (or gnupg for some workflows)
Proprietary middleware (optional):
- Aruba provides its own drivers (based on PC/SC) and a GUI tool for PIN/management.
- These are usually closed source, but rely on the same PKCS#11 interface and USB CCID standards, so interoperability is possible with
OpenSC.
Typical use cases:
- Signing PDF documents (via GUI apps or CLI)
- Authenticated login to government/legal websites via browser (PKCS#11 module loaded in Firefox)
- Access to encrypted email (optional)
The minimum requirement for Haiku to support this workflow would be a working PC/SC stack (smart card reader driver + libpcsclite) and PKCS#11 support, which could even open the door to Firefox integration.
If Haiku ever had even partial support for these components, I’d be happy to test and help document the process.
Thanks again for your interest!
The main work will be writing or porting a driver for the card reader itself. I don’t know if these are kernel space drivers or libusb based. Regardless, it should be a relatively simple driver, since it is mainly serial communication with the card, sending commands and receiving responses.
The upper layers of the stack should be portable without any problems if the driver exposes the same interface as on other systems.
That will not work, the interface may be standard but it’s just an API, not an ABI. The modules will need to be recompiled for Haiku, and you can’t do that if it’s closed source.
Thank you @PulkoMandy — that makes perfect sense, and I appreciate the ABI clarification (I was familiar with API concepts, but this is definitely something new to learn!).
Actually, we are already working on switching to an open-source CCID setup, avoiding proprietary middleware whenever possible — especially since in the long run it makes more sense for portability and community support.
In my specific case, the issue is with the ArubaKey (AK910), which is widely used here in Italy for legal purposes — but other smartcards/readers might be more open-friendly and not require any proprietary middleware at all.
If Haiku gets a working PC/SC stack (ccid driver + pcscd + libpcsclite) plus PKCS#11 integration, that would already cover most common use cases (document signing, secure authentication, etc.).
Happy to contribute with tests, feedback, and documentation if this area ever gets some development attention.