'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature Intel's fix for Spectre variant 2 – the branch target injection design flaw affecting most of its processor chips – is not to fix it. Rather than preventing abuse of processor branch prediction by disabling the capability and incurring a performance hit, Chipzilla's future chips – at least for a few years until …
You can understand why he gets so grumpy
I mean - he's known for creating the worst fucking OS of all time - where in order to do fucking anything you have to go to fucking terminal command prompt
Linux is complete and utter fucking shit and his name is attached to it
Its no wonder he's pissed
"he's known for creating the worst fucking OS of all time - where in order to do fucking anything you have to go to fucking terminal command prompt"
HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA (edited for brevity)
Did mummy forget to tie your shoelaces for you this morning?
"where in order to do fucking anything you have to go to fucking terminal command prompt"
Let me guess. You've never even seen a modern (say less than 20 year old) Unix-based OS let alone ever used one.
That doesn't mean I'm not about to fire up a terminal emulator to run the 10 updates KDE has just alerted me to. I do that because it's about an order of magnitude faster to do that than faff about with a GUI which, under Linux, is still about an order or magnitude than the Windows equivalent with all those reboots and so on.
68K architecture, which I read somewhere doesn't have this problem. Unfortunately they stopped with the 68060 and didn't go farther. All in all a MUCH cleaner architecture. Probably slower, but WAY more compact in instruction count. Yes it was very CISC, but when memory was more expensive it was the way to go.
Now we have these problems, and with very little genetic diversity, I suspect it might not be the last.
68K isn't quite dead. It is being revived as the 68080 chip by a new development team!
Currently in FPGA form and being used as an add-on accelerator for Amiga computers. A stand-alone computer based on this chip (Vampire V4) is due for release later on this year. Currently in beta.
Check out the following links:
http://www.apollo-accelerators.com/
http://apollo-accelerators.com/wiki/doku.php
http://apollo-accelerators.com/wiki/doku.php/apollo_core
This is a VERY exciting development. Future plans (years away?) do include an ASIC.
"68K architecture, which I read somewhere doesn't have this problem. "
68K probably doesn't have this problem because the architecture was commercially dead before out-of-order processors took over. A 68K chip designed for performance last year would have been out of order and would almost certainly have suffered this problem, just like the highest performing cores from ARM, MIPS, SPARC, ...
Intel are getting flack from Linus because they are being dishonest about the fix, not because of the bug.
I'm with Intel on this, in that I want a flag that lets me choose whether to allow the speculative read-ahead. But i want it opt-in, not opt-out (for security reasons). I can reasonably decide what software runs on *certain* machines, and if I want to run a gaming rig (that isnt going to be used for generic internet browsing) but runs games, or if I want my 3d editing rig that just does my Unreal pipeline, that's my *informed* decision to enable the extra power at the tradeoff of a potential security risk.
Err no.
First, the patch has to be stable. It is NOT.
Second, if you want it for gaming.. well, good news, the impact on gaming is minimal.
Also, unsecure by default is a horrible option.. (as you also point out), as is running in "unsecure mode". For the common good, processors should try to be at least reasonably secure.. and if people start running computers with known vulnerabilities that can be exploited with a asimple javascript/flash/whatever in the browser.. well, more zombies and bad for everyone when massive floods take down services, or extortion mafias demand money from etailers. And yes, they do, I would even call it "standard".
Apparently Torvalds can still be praised for sitting two sides on the same argument. After all wasn't it Torvalds only a couple of months ago whom berated a security expert because they didn't have a fallback mechanism in their code from the start and said that enabling security fixes that inconveniences the user is bad and can lead to system crashes.
Now we have a security update with a fallback mechanism and that enabling it inconveniences the user for certain and does indeed crash many systems.. the sheer hypocrisy here... personally I believe most users don't actually care about security and that sometimes you have to push security on too users even if it inconveniences them somewhat. Naturally you still need the ability to revert or disable such security updates encase they do bork the system too, of course.
The problem is that you (or rather your OS' kernel at boot) has to opt in because marketing says fake benchmarks are important.
I'm sure anyone can design a CPU with none of the expected protection that runs like shit of a shovel, but that shouldn't be benchedmarked in the same way as other CPUs which does have it.
The benchmarks between AMD Ryzen vs Intel i7 8th Gen (Boring Extra Security Mode Which Isn't Really Needed) are too close for comfort, they want people to look at AMD Ryzen vs Intel i7 8th Gen instead.
...says it all:
“We take the feedback of industry partners seriously. We are actively engaging with the Linux community, including Linus, as we seek to work together on solutions.”
Where's all the legal bluster you'd expect from a litegeous megacorp? Threats of God knows what, and being on the defensive? None of that - as they know Linus has it spot on.
"Torvalds observed that the cost of using IBRS on existing hardware is so significant that no one will set the hardware capability bits".
And that is exactly the point, as a "business" mind sees it.
This way, it will be the user who becomes responsible for insecurity as he failed to turn on the protection bit.
Or he can turn it on and suffer with the resulting low performance - and that, too, will be his responsibility.
"They couldn't hit an elephant at this distance."
Ah yes, the famous words uttered by Union Army General John Sedgewick shortly before his death.
Like, gee, this gun will never go off on its o
To be fair, guns only go off on their own on TV and in the imaginations of those who have an irrational amount of fear* regarding them. If you doubt that, try talking to someone who actually knows a thing or three about guns. It doesn't even need to be a gun nut. Go ask a retired soldier or a SWAT officer how often guns just go off.
*As opposed to the completely appropriate amount of respect due to anything that can kill if mishandled.
He's got a very important job to do himself. This one's Intel's pile of Dodo droppings. It's their call.
OTOH, just to be charitable, I'll give Intel a free suggestion. Why don't you ask that nice Mr Pottering for some help. If he would only take a week off from fixing Pulse Audio, I'm sure he could easily incorporate a fix into Sysyemd. The system would boot faster, run faster, crash faster, ...oops...
How far back?
Core 2 Duo which was shipped with Vista?
What would the fix be? Replace the complete PC with something which hasn't been fixed yet, and allegedly won't be properly fixed for another 2 years?
Or wait 2 years then offer a $50 rebate on a brand new system? No way that you are going to fix any 10 year old laptops.
The best you would be likely to see is a limited term "scrappage" offer which helps shift an enormous number of new W10 systems and gives the whole industry a massive boost. Which isn't my idea of punishment for insecure design.
>>> Linus
>>> Is Intel really planning on making this shit architectural? Has
>>> anybody talked to them and told them they are f*cking insane?
>>> Please, any Intel engineers here - talk to your managers.
>>
>> Intel employee:
>> If the alternative was a two-decade product recall and giving everyone
>> free CPUs, I'm not sure it was entirely insane.
>
> Linus:
> You seem to have bought into the cool-aid. Please add a healthy dose
> of critical thinking. Because this isn't the kind of cool-aid that
> makes for a fun trip with pretty pictures. This is the kind that melts
> your brain.
So yes, Linus is right. And INTL goes by the evil playbook how to avoid recalling CPUs. They do all the evil stuff what their lawyers came up with to avoid having to recall their last two decades of CPUs. And two billion people around the world get screwed by INTL. Guess what, their "Intel Inside" brand is burning.
Great that Linus speaks up. Sad that most other don't, shame on them. It's very telling how certain media reports on this issue. TheReg, TechCrunch and some others are reporting it objectively, while many others are doing INTL a favor.
(further down in the mail thread)
> Intel employee:
> Right now the plan is just "screw Skylake"
-- https://lkml.org/lkml/2018/1/23/108
INTL just says "screw Skylake" aka CPUs made 2015-2017. What a great time to be a customer, not.
INTL borked Intel CPUs made 2013-2015 with their latest Meltdown patch, causing unstable crashes "reboots".
INTL won't release micro-code updates to 1995 (Pentium Pro) - 2012 CPUs at all.
INTL will sell Meltdown inside CPUs in 2018, with no end in sight.
Bollocks.
Intel has options, they just do not like them.
They could stop selling their entire affected product line, get everyone to work on a design fix/workaround and only start selling chips when they have a revised design that does not open up their *customers* to remote code execution.
Like, you know, every other company has done when in the exact same situation. Not only that, most companies would recall defective products at their own expense, as their customers expect them to. See Toyota (twice), Samsung et al.
But they do not want to because $.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
