Discussion in 'Article Discussion' started by bit-tech, 10 Apr 2019.
Intel chips got more vulnerable back-doors than a south American prison at this point...
To be fair to Intel, only one of 'em is a chip flaw; the other three are firmware (one) and software (two) for which patches are already available.
Roll on my Zen 2 upgrade.
They are all hardware flaws that require firmware/software workarounds.
For example, the Meltdown vulnerability allows userspace code to read the CPUs cache, which often contains kernel memory.
The workaround is essentially to keep deleting the kernel memory from CPU cache every time it wants to run userspace code, so that if the userspace code is reading the CPU's cache using the Meltdown vulnerability, there isn't any kernel memory there to read.
And the act of deleting the kernel memory all the time takes extra time.
But, it should never been able to just read CPU cache in the first place. A proper fix means modifying the architecture so that reading the CPU's cache like that isn't possible.
It's kind of like, if there was a hole in a wall of a bank big enough to let anybody enter the vault, and the workaround was to check if anybody from the public happened to be walking near the hole and take all the money out of the vault every time it happened just in case they decided to stroll into the vault.
Err... No, they're not. Unless you can explain which hardware flaw is only exploitable if you don't update the Intel Graphics Performance Analyser for Linux, or the Intel Media SDK?
No, Meltdown can be exploited by any userspace code, to read kernel memory it shouldn't be allowed to access.
And like I said, the workaround is to keep deleting all of the kernel memory from the CPUs cache every time userspace code is executed.
And that takes extra time, therefore you receive a performance hit.
This has to be implemented by the OS kernel itself, not just by software running on top of the OS.
The proper fix is to make sure that userspace code that doesn't have the right permissions doesn't get speculatively executed in the first place.
And this has to be done with a redesign of the architecture and replacement of the CPU.
Existing CPUs cannot be fixed, they have to apply the workaround.
I genuinely can't tell if you're trolling or not. This article is not about Meltdown. Here, let me quote for your hopeful edification:
In smaller words: a software flaw in the software installer for a piece of software. Absolutely nothing to do with any hardware flaw, and the fix is a fix, not a workaround.
Again, a software flaw in a software development kit which can be fixed, not worked around, by installing the update.
Neither of these are in any way related to Meltdown. Neither of these are in any way related to speculative execution. Neither of these are in any way related to hardware flaws.
Next time you want to teach your grandmother to suck eggs, could you do me a favour and actually read the article?
The quote you originally responded to said this:
Yes, this was referencing the hardware vulnerabilities.
Notice the words "Intel chips" in the quote.
Nice try at avoiding admitting you're wrong, but the message you originally replied to said:
Anything else you need clarifying while I'm here?
Separate names with a comma.