
OpenBSD chief de Raadt says no easy fix for new Intel CPU bug - mediawatch
https://www.itwire.com/security/83347-openbsd-chief-de-raadt-says-no-easy-fix-for-new-intel-cpu-bug.html
======
mrec
Carmack said it best:

_"Putting anything that gets benchmarked in a position of security
responsibility is very, very dangerous."_

[https://twitter.com/ID_AA_Carmack/status/395927588108918785](https://twitter.com/ID_AA_Carmack/status/395927588108918785)

I think the original context was WebGL, but it applies everywhere.

~~~
unixhero
Makes me wonder what Matt Dillon, Theo de Raadt, Linus Torvalds, John Carmack
and Bryan Cantrill would have been able to make if they were founders of a
company together.

~~~
dwc
They would make forks ;)

~~~
unixhero
Not before they had a solid source code management system, ... oh wait!

------
alkonaut
Is the solution to this and previous side channel bugs to simply not run
untrusted and trusted code on the same machine?

Basically a revert to the security model of Windows XP. We should assume
access to execute any code means the same security level as having physical
access to a machine (i.e. full machine ownership)?

~~~
zik
No, as he points out in the article even a kernel call can change the virtual
address space so even two threads of the same program may leak data. There's
basically no known fix except to disable hyperthreading entirely.

~~~
pas
If you pin VMs to different cores, never sharing hyperthreads, then the risk
is contained per VM (or per core).

~~~
pabloski
Let's hope there's no inter-core side-channel lurking in the shadows :(

It is time to rethink the engineering methodologies we use in the
electronics/informatics field.

~~~
cm2187
Breaking x86 backward compatibility? That would be fun.

~~~
pabloski
So we are between a rock and a hard place.

------
snvzz
So, it turns out Intel took every shortcut they could.

~~~
314
It is interesting to see the same pattern that we've watched play out in
financial markets repeated in such a different area. High performance from
unstated changes in risk. Now that it has been exposed we know who has been
swimming naked and over the next couple of years we will learn just how naked
they were. Luckily I only run software that I trust on boxes where security is
an issue.

~~~
imglorp
The curious thing I'm learning about investors reacting to revealed disasters
(caused by poor risk management) is, _they don't seem to care as long as the
long term story is there_. A couple of examples:

* The INTC bugs came out around the beginning of the year, but if you zoom out you can barely tell. It was 34 a year ago and it's 52 today.

* FB fell around 6pct for the CA privacy news, to 152, and then a little for the EU hearings, but it's back in spades to over 200 now.

As long as you provide a plausible hole in the sand, it seems the market will
gladly stick its head there and ignore whatever us nerds are FUDDing about.

~~~
shittyadmin
To be fair, prior Intel issues were mitigated, and even if they couldn't be
there might be limited reasons to think that prior issues will impact future
sales without sufficient competition in the market. If it turns out that these
older Intel chips can't be used for cloud computing anymore then it might just
mean that cloud providers like Amazon take a hit but Intel makes a gain in
selling them new chips.

And Facebook privacy issues are frequently panicked about briefly and then
forgotten. Markets doing that pretty much mirrors the people who "delete
facebook" every time there's a panic and then come back minutes later.

------
AHTERIX5000
Well, Spectre was already an exploit without "an easy fix" but a lot of nasty
workarounds.

------
dooglius
I'll be curious to see the details of the exploit. The TLB should only hold
metadata about the address spaces involved (e.g. virtual-to-physical mapping,
how many times the entry has been used recently), whereas to extract a private
key as claimed, one needs the side channel to have a dependency on the data.

------
ksec
What is the current fastest In Order CPU with no SMT? My guess is it is from ARM?

~~~
dmitrygr
Probably Cortex-A53. And it isn't fast.

------
tempotemporary
Will it help to use VMs? Say something like Qubes OS?

~~~
4ad
No, VMs will make things worse.

~~~
pabloski
You must pin them to specific cpu cores. But then you lose a big part of the
convenience offered by VMs. It is like using gpu passthrough vs virtual 3d
card.

~~~
AstralStorm
Not that big part at all, you can change these settings at will. Sharing the
CPUs (overcommitting) is probably out of the question though.

Just most VM management UIs lack the functionality.

GPU passthrough is special because they have weird initialization and shutdown
handling. Plus are chunky (all or nothing) until SR-IOV variants become
commonplace. CPU cores don't have these problems.
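
Added example, not part of the thread or written by any commenter: a check for the pinning approach discussed above, which flags any physical core whose hyperthreads are pinned to two different VMs. The sysfs path is the standard Linux topology interface; the 4-core topology, the VM names and both pinning plans are constructed for illustration.

```python
import glob, itertools, re

def parse_cpu_list(text):
    """Parse a kernel CPU list such as '0-3,8,10-11' into a set of ints."""
    cpus = set()
    for part in text.strip().split(","):
        if not part:
            continue
        lo, _, hi = part.partition("-")
        cpus.update(range(int(lo), int(hi or lo) + 1))
    return cpus

def read_siblings(root="/sys/devices/system/cpu"):
    """Map each logical CPU to its thread_siblings_list text (Linux sysfs)."""
    out = {}
    for path in glob.glob(f"{root}/cpu[0-9]*/topology/thread_siblings_list"):
        cpu = int(re.search(r"cpu(\d+)/topology", path).group(1))
        with open(path) as fh:
            out[cpu] = fh.read()
    return out

def shared_cores(pins, siblings):
    """Return (vm_a, vm_b, core) for every physical core two VMs both touch.

    pins:     {vm_name: CPU-list string the VM's vCPUs are pinned to}
    siblings: {logical_cpu: thread_siblings_list string}
    """
    # A physical core is identified by the sorted tuple of its hardware threads.
    core_of = {cpu: tuple(sorted(parse_cpu_list(s))) for cpu, s in siblings.items()}
    used = {vm: {core_of[c] for c in parse_cpu_list(p)} for vm, p in pins.items()}
    return sorted((a, b, core)
                  for a, b in itertools.combinations(sorted(used), 2)
                  for core in used[a] & used[b])

# Constructed sample: 4 cores / 8 threads, CPU n and n+4 are hyperthread siblings.
SAMPLE_SIBLINGS = {n: f"{n % 4},{n % 4 + 4}\n" for n in range(8)}
# Constructed pinning plans (VM names are hypothetical).
BAD_PLAN = {"vm-a": "0-1", "vm-b": "4-5", "vm-c": "2,6"}   # distinct CPUs, same cores
GOOD_PLAN = {"vm-a": "0,4", "vm-b": "1,5", "vm-c": "2,6"}  # whole cores per VM

if __name__ == "__main__":
    for name, plan in (("bad", BAD_PLAN), ("good", GOOD_PLAN)):
        print(name, shared_cores(plan, SAMPLE_SIBLINGS))
```

On a real host, pass `read_siblings()` instead of `SAMPLE_SIBLINGS` and build `pins` from the hypervisor's actual vCPU affinity settings.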

