zdnet.com
A team of nine academics has revealed today seven new CPU attacks. The seven impact AMD, ARM, and Intel CPUs to various degrees.
Two of the seven new attacks are variations of the Meltdown attack, while the other five are variations on the original Spectre attack -- two well-known attacks that have been revealed at the start of the year and found to impact CPUs models going back to 1995.
Other urls found in this thread:
networkworld.com
cavium.com
system76.com
pogolinux.com
asacomputers.com
developer.arm.com
archive.is
rc2014.co,uk
twitter.com
Rustards btfo
this is why SeL4 is the real secure system. They actually know what they're talking about
You're wasting your time to focus about OS when the foundations (hardware) are broken by design. Here's a nickel, kid. Get yourself a better computer. Then maybe you can talk about better OS.
Oh, is rust still a thing? Rust shills have gotten awfully quiet lately. You still here Steve?
that's compromised too. Did you read the fucking article?
No, it's not. The board I posted has an A20 SoC, which is a dual core ARM Cortex-A7. Those do in-order execution and no speculation, which means they're immune to all this Meltdown and Spectre bugs that plagues most other modern processors.
ah I see
Speaking of ARM in relation to spectre/meltdown, I'm fairly certain that Cavium ThunderX is unaffected as well. ThunderX2 is though.
networkworld.com
I'm not familiar with those, but not very surprised. Broadcom is pretty shit.
They're 48-core ARM chips designed for servers.
cavium.com
you can get systems with them from these places
system76.com
pogolinux.com
I noticed these ones earlier:
asacomputers.com
But my old plan of wiring up 64 Banana Pi M2 Zero's will still come out cheaper. XD
It has nothing to do with Broadcom. They simply license the cores just like everyone else. The Cortex A7 and A53 don't have speculative execution, but at the same time are very slow. I have a 32-bit Cortex A9 that still tears the shit out of the 64-bit A53 quads.
You're not telling me anything new.
I miss m68k.
So is Transmeta safe?
I used to be angry at these developments, but then I remembered that we live in hell on earth, and I can't stop laughing.
RISC-V when?
Switching ISAs won't fix timing attacks.
It's not just a timing attack, it takes advantage of peculiarities of the Intel architecture. Remember, despite all the autistic screeching, this is largely an Intel problem.
It only seems that way because Intel took more shortcuts, in order to have best performance. But all chips that do out-of-order execution and speculation are potentially vulnerable to this kind of attack. And in the paper they say there will probably be many, many such bugs discovered in the future.
Maybe they should just stop doing such dangerously overclever designs. Of course, that would force software developers to actually write non-shitty code, instead of assuming the hardware will pick up the slack.
THANK YOU LORD THEO, FOR HAVING THE FORESIGHT THAT TLBLEED WASN'T THE END AND MORE WOULD SOON FOLLOW!
LONG LIVE LORD THEO, OPENBSD BENEVOLENT DICTATOR FOR LIFE! FOR WHOM THE SUN RISES IN THE EAST, FROM WHOM THE SWEETEST DIGITAL HONEYS FLOW FORTH INTO THE WORLD!
I really wanna use RISC-V.
WE'RE DOOMED
Those tricks are what gives you performance. The problem is keeping track of various states in flight.
I only visit Zig Forums about once every week now. I stopped posting in this shithole.
Those tricks are too dangerous. At least with software tricks, you can fix all the bugs. So it's slightly better to do the naughty things there.
But I don't need more performance anyway. Because I never asked for HD video, 3D games with a gazillion polygons, crazy Web 2.0 sites with 5 megs of obfuscated javascript, WebGL, in-browser video, and so forth. This is all marketing garbage, that I'd rather not have anything to do with ever.
Unfortunately for Intel it appears that most of these architectures have no current working PoC, which leaves Intel as the sole chipmaker peddling CPUs which are currently vulnerable to Spectre type attacks. There have been many articles in the press by Intel shills trying to point out that all chips using out of order or speculative execution are "potentially vulnerable" to these attacks but it just seems desperate at this point.
Heh, remember when Theo was giving a talk and the Intel shill under NDA screamed at him for bringing up Spectre and the fact that OpenBSD was disabling a bunch of stuff because they thought more vulns were coming down the pipe?
Same. I moved to IRC and lainchan
It's not just Intel shills or whatever, even though they probably try to paint things less biased against Intel (who are the worst offenders). Most of the more recent ARM processors were affected by Spectre bugs.
developer.arm.com
I haven't paid attention to AMD because I don't really care about x86 anymore. I already moved to ARM earlier this year.
Time to build my z80 computer
Whomst makes this thing?
Which IRC? Is it a .onion or .b32.i2p?
This is a hardware issue. SeL4 is effected too.
It looks to be the rc2014. The thing seems to be sort of altair 8800-like computer, only much smaller and a bit more diy.
archive.is
rc2014.co,uk