Linus tells it like it is... for my confession, I am totally 'lost' on the Spectre/Meltdown shambles
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Apologies for an off-site link, but it was the first i came across when trying to figure out just what this Spectre/Meltdown means to my old machines running Slackware (its all I really use - other than an android phone) and what it affects and what I can do.
I'm taking the line of c'est la vie at the moment until the 'community' gathers itself with something I can easily follow :-) (tired mind and all).
Honestly, Linus is such a drama queen that it's hard for me to take his over-the-top criticisms seriously. I'm sure there is some level of truth to them, but I don't know what that level is.
Honestly, Linus is such a drama queen that it's hard for me to take his over-the-top criticisms seriously. I'm sure there is some level of truth to them, but I don't know what that level is.
I rather appreciate that he doesn't hold back and says what he means. That level of honesty is far too rare.
I went over a few messages in that thread. There was a small misunderstanding on Linus's part in the beginning, contributing to his anger, but there now seems to be an agreement that the patches proposed by Linux developers would be vastly superior to those of Intel's, and that Intel does not seem to handle this issue as responsibly as it should.
Then of course from far away one can also hear the rant by grsecurity, claiming that the Linux patches are flawed as well (... and that basically they are the only ones to have developed (long ago) the correct code to mitigate these attacks...).
The biggest warning against intel is that they sold their latest cpu generation which is affected while fully knowing this. Really the only good solution is that intel releases all their hardware specs from the last 20 years into the public domain so that they can be properly audited.
The grsecurity rant is also self sabotaged by the fact that they don't publicly share their code. If they want people to take them seriously they should show us what they have...
I rather appreciate that he doesn't hold back and says what he means. That level of honesty is far too rare.
I totally agree. And it's not like he is blasting newbs who don't know better. He is blasting seasoned developers who have done substantial work with the kernel and really should know better... especially when it is coming from the company who designed everything (and not some reverse engineered code).
Quote:
Originally Posted by orbea
The biggest warning against intel is that they sold their latest cpu generation which is affected while fully knowing this.
From my (albiet limited) understanding of this, it isn't something simple to fix. It will take a redesign of their CPUs. So it is likely that the next few generations, which are already being developed and might be too far along to easily fix, will continue to be affected by this. Intel might've created a far worse PR incident had they delayed selling Coffee Lake processors until they were ready to announce the vulnerabilities.
For example, AMD started working on the "Zen" architecture back in something like August of 2012 and didn't have a release until January 2017, taking 4.5 years for development. It could still be 3-4 years until we CPUs that are no longer affected by these vulnerabilities.
I rather appreciate that he doesn't hold back and says what he means. That level of honesty is far too rare.
Don't get me wrong, I like that as well. I'm just not sure how much of what he says is objectively true vs exaggeration. I would prefer a more cool-headed explanation of the issue, but of course, I am not the intended audience.
Last edited by montagdude; 01-23-2018 at 11:58 AM.
The grsecurity rant is also self sabotaged by the fact that they don't publicly share their code. If they want people to take them seriously they should show us what they have...
I don't know if they share the code with their customers (even if they don't, their kernels can be tested against the attacks to see if they are resistant). There could be some self-advertising there, but they certainly have some reputation in those circles, perhaps some attitude problems as well (like Linus himself ).
Then of course from far away one can also hear the rant by grsecurity, claiming that the Linux patches are flawed as well (... and that basically they are the only ones to have developed (long ago) the correct code to mitigate these attacks...).
The grsecurity rant is also self sabotaged by the fact that they don't publicly share their code.
MAybe but the fact is they do it publicly for 20 years /Sadly this is the end./and they were exposed to the criticism of the Linus who is not an expert about security at all.
Ironically.
This did not prevent the kernel maintainers to copy and paste /instead of creating a better than criticized one, the only reason was that it was effective/ part of the code and giving "kosher certificate" by Linus .
The link you provide has information that the grsec kernel is resistant to Meltdown. But I couldn't see where it is *proven* that their kernel is vulnerable to Spectre. The claims I referred to were from their Twitter posts (iirc). But I can't claim that I read every bit of their statements very carefully.
But I couldn't see where it is *proven* that their kernel is vulnerable to Spectre. The claims I referred to were from their Twitter posts (iirc). But I can't claim that I read every bit of their statements very carefully.
From my (albiet limited) understanding of this, it isn't something simple to fix. It will take a redesign of their CPUs. So it is likely that the next few generations, which are already being developed and might be too far along to easily fix, will continue to be affected by this. Intel might've created a far worse PR incident had they delayed selling Coffee Lake processors until they were ready to announce the vulnerabilities.
I get that it may not be necessarily easy, but the bottom line is that they knew about the vulnerabilities and continued selling faulty products to uninformed customers. Personally that really does not sit well with me and if they're willing to abuse trust so easily I wonder what else they haven't told us yet?
I get that it may not be necessarily easy, but the bottom line is that they knew about the vulnerabilities and continued selling faulty products to uninformed customers. Personally that really does not sit well with me and if they're willing to abuse trust so easily I wonder what else they haven't told us yet?
I mean, in that aspect, all CPU manufacturers that have vulnerable products are in the same boat since they were notified of these vulnerabilities back in June and continued selling their products without notifying the public...
Yes, you're right about that, but I've also been told that amd is only vulnerable to spectre because they followed intel's spec out of compatibility? I did not try to verify if this was true.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.