- Techies are going crazy after “Meltdown” and “Spectre,” two new methods for stealing passwords, were revealed by Google on Wednesday.
- The flaws affect nearly every Intel processor.
- This makes Linus Torvalds, the inventor of Linux, furious at the chip giant.
- Torvalds asks: “Is Intel basically saying ‘we are committed to selling you shit forever and ever, and never fixing anything’?”
Linus Torvalds, the inventor and founder of the Linux operating system, is not known for holding back strong opinions he has about computers, and he is now one of the loudest voices critical of Intel’s handling of “Meltdown,” the flaw revealed Wednesday that could enable an attacker to steal confidential information including passwords.
“I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed,” Torvalds wrote in a sharply worded email sent to a Linux list on Wednesday.
“Or is Intel basically saying ‘we are committed to selling you shit forever and ever, and never fixing anything’?” Torvalds continued.
Torvalds, one the world’s best-known programmers, is still deeply involved on a day-to-day basis with Linux, a free and open-source operating system he first developed in 1991.
Though some people use Linux as an alternative to Windows or macOS, its best uses are in the cloud: The majority of servers and supercomputers run a Linux variant.
Meltdown and the related Spectre issue, both revealed Wednesday, affect pretty much every Intel processor – not only the ones that power your laptop, most likely running Windows, but also the chips used in Linux servers running the cloud and your favorite websites.
Intel said it was working with both rivals and partners on a fix for the issue. Spectre also affects AMD and processors based on ARM, but it is harder to execute than Meltdown, which is focused on Intel processors.
The two issues take advantage of weird aspects of how kernels, or cores, of operating systems interact and use processors.
Torvalds is in charge of Linux’s kernel, so he has some authority on the issue – and he doesn’t like what Intel has been saying. Because Linux is open-source and Torvalds doesn’t work for a big company like Google or Microsoft that partners with Intel, he’s free to give his unvarnished opinion.
A lot of his ire seems to be geared to the impression that a fix for these issues is likely to cause computers running on Intel processors to run slower – by as much as 30%, according to some analyst estimates. At one point, he muses that processors designed by ARM, an Intel rival, could be a superior option for Linux developers.
Though Torvalds is one of the highest-profile technical voices criticizing Intel, he is not the only one dissatisfied with its handling of the issue. Attention may focus on Intel CEO Brian Krzanich, who sold $24 million in stock in November, months after he was aware of the problems.
From Linus Torvalds Date Wed, 3 Jan 2018 15:51:35 -0800 Subject Re: Avoid speculative indirect calls in kernel
On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen <firstname.lastname@example.org> wrote: > This is a fix for Variant 2 in > https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html > > Any speculative indirect calls in the kernel can be tricked > to execute any kernel code, which may allow side channel > attacks that can leak arbitrary kernel data.
Why is this all done without any configuration options?
A *competent* CPU engineer would fix this by making sure speculation doesn’t happen across protection domains. Maybe even a L1 I$ that is keyed by CPL.
I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.
.. and that really means that all these mitigation patches should be written with “not all CPU’s are crap” in mind.
Or is Intel basically saying “we are committed to selling you shit forever and ever, and never fixing anything”?
Because if that’s the case, maybe we should start looking towards the ARM64 people more.
Please talk to management. Because I really see exactly two possibilities:
– Intel never intends to fix anything
– these workarounds should have a way to disable them.
Which of the two is it?