Saturday, Jan. 6th 2018
Take a seat and have a good laugh.
See, I don't know, this, maybe, for details. They link (as of today) to the meltdown PDF file, which, if you are literate enough, gives all the details on the crappy bug(s) those intelligent people at this private company produced.
The public reactions of everyone I saw so far are quite entertaining. Thank you all for the lulz!
I have several personal comments on this thing.
Do not trust private companies.
I am 100% convinced that my "colleagues" at Intel knew from scratch about the problem. The people who implemented this idea of speculative execution, however they did, saw that there was a leakage of information in case a problem occurs and the instructions following the faulty one have to be sort of "canceled", so to speak.
My guess is they bet at this point. They bet it would not be such a big problem. This is internal to the CPU, there is no way someone can do something with this.
I guess the pressure from competition (another bad thing in human societies, and this one will be hard to fight) led them to release their chips as is.
Or maybe they informed their managers who decided it was okay.
Free software authors will do shit.
That has already started.
Something like the linux kernel will be modified to limit the attack surface of the bug. They will make their software even more complex than it is today.
There are zillions of security (and non-security) bugs in these millions lines of code. It is getting worse everyday.
We have a bunch of guys who wanted some fame and took the Intel chips of the time (it all started on the i386) and on top of it made an operating system. They used the privilege separation offered by the chip to have a "safe" kernel mode and a "do whatever the hell you want, you can't crash the whole system" user mode.
And that's very enjoyable as a hacker.
Thank you for that.
And even with the crappy recent bugs, it's still the case.
What changed is the security assumptions.
Before this bug, it was something like "data in kernel cannot be read or modified by unauthorized user land program".
This is not true anymore. It can be read by anyone.
So the kernel people won't say: "linux does not guaranty security on this and that CPU". They will deeply modify how they manage memory to overcome the crap from Intel.
And they will be proud of it.
Any sane human being on this planet will now ask herself: "what? but why?"
Intel chips suck. What do you care? That's not your problem.
A top executive of Intel went away with his money a few weeks before the crap became public.
That's how everyone should deal with it.
Just despise Intel.
No, because the whole "computer industry" is enslaved to Intel. You can't buy a cheap and fast computer without Intel (AMD is probably affected too).
So as for the f00f bug (dig the web) of a few years ago, some people will be proud of fixing the shit of Intel.
Now let's go back to 1990.
Imagine that in 1990 such a huge problem was found in the Intel chips of the time.
No sane person would have started a pet OS based on this malfunctioning CPU, not even some random student from a random part of Europe.
But today things are different.
Hackers writing the linux kernel play the competition. They want to be the best. They strongly think they are.
But who is more intelligent in there? Random hackers fixing some crap by some stupid hardware engineers and managers?
Or a guy who had a hell of salary as top executive and went away with lots of money before the crash?
More than ever we need free hardware.
Free hardware is harder than free software.
You need to generate a CPU. This is hard.
You need to manipulate matter.
We have FPGA today. It's hard to program. There is not much free software in this area.
This is a first step.
Of course you can go back in time and buy some logic gates and assemble everything. But the generated computer will be slow.
But that's the way to go.
To hell with Intel and others.
Design your own CPU (see here). Burn it to an FPGA (or whatever you want, FPGA is just a first step, we need better than that, but to be honest, I don't know what, hardware is not my world). Port an operating system, a compiler, a few libraries on it and you're down. You have a reasonable CPU, that you can trust much more than what you use today. (Actually you don't even need to do all this, a lot of work has already been done and today you can burn an existing "soft CPU" into an FPGA and run a full system on top.)
But then, the world will be much less spectacular than today, where a single bug destroys nearly everything on its path.
So we'll need to entertain the old fashioned way. Talk and interact with other human beings.
No more Intel for some good lulz. No more Volkswagen. No more Donald Trump. No more Recep Tayyip Erdoğan!
What kind of noise will I be able to produce then?
Bah. All this thinking is totally fictitious. Truth is: the lulz will go on.
Created: Sat, 06 Jan 2018 19:33:33 +0100
Last update: Sat, 06 Jan 2018 19:41:59 +0100