- Techies are going crazy after "Meltdown" and "Spectre," two new methods for stealing passwords, were revealed by Google on Wednesday.
- The flaws affect nearly every Intel processor.
- This makes Linus Torvalds, the inventor of Linux, furious at the chip giant.
- Torvalds asks: "Is Intel basically saying 'we are committed to selling you shit forever and ever, and never fixing anything'?"
ADVERTISEMENT
The inventor of Linux is furious at Intel (INTC)
"I think somebody inside of Intel needs to ... actually admit that they have issues instead of writing PR blurbs," Linus Torvalds wrote.
ADVERTISEMENT
Recommended articles
Linus Torvalds, the inventor and founder of the Linux operating system, is not known for holding back strong opinions he has about computers, and he is now one of the loudest voices critical of Intel's handling of "Meltdown," the flaw revealed Wednesday that could enable an attacker to steal confidential information including passwords.
"I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed," Torvalds wrote in a sharply worded email sent to a Linux list on Wednesday.
"Or is Intel basically saying 'we are committed to selling you shit forever and ever, and never fixing anything'?" Torvalds continued.
ADVERTISEMENT
Torvalds, one the world's best-known programmers, is still deeply involved on a day-to-day basis with Linux, a free and open-source operating system he first developed in 1991.
Though some people use Linux as an alternative to Windows or macOS, its best uses are in the cloud: The majority of servers and supercomputers run a Linux variant.
Meltdown and the related Spectre issue, both revealed Wednesday, affect pretty much every Intel processor — not only the ones that power your laptop, most likely running Windows, but also the chips used in Linux servers running the cloud and your favorite websites.
Intel said it was working with both rivals and partners on a fix for the issue. Spectre also affects AMD and processors based on ARM, but it is harder to execute than Meltdown, which is focused on Intel processors.
The two issues take advantage of weird aspects of how kernels, or cores, of operating systems interact and use processors.
ADVERTISEMENT
Torvalds is in charge of Linux's kernel, so he has some authority on the issue — and he doesn't like what Intel has been saying. Because Linux is open-source and Torvalds doesn't work for a big company like Google or Microsoft that partners with Intel, he's free to give his unvarnished opinion.
A lot of his ire seems to be geared to the impression that a fix for these issues is likely to cause computers running on Intel processors to run slower — by as much as 30%, according to some analyst estimates. At one point, he muses that processors designed by ARM, an Intel rival, could be a superior option for Linux developers.
Though Torvalds is one of the highest-profile technical voices criticizing Intel, he is not the only one dissatisfied with its handling of the issue. Attention may focus on Intel CEO Brian Krzanich, who sold $24 million in stock in November, months after he was aware of the problems.
From Linus TorvaldsDate Wed, 3 Jan 2018 15:51:35 -0800Subject Re: Avoid speculative indirect calls in kernel
On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen <andi@firstfloor.org> wrote:> This is a fix for Variant 2 in> https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>> Any speculative indirect calls in the kernel can be tricked> to execute any kernel code, which may allow side channel> attacks that can leak arbitrary kernel data.
ADVERTISEMENT
Why is this all done without any configuration options?
A *competent* CPU engineer would fix this by making sure speculation doesn't happen across protection domains. Maybe even a L1 I$ that is keyed by CPL.
I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.
.. and that really means that all these mitigation patches should be written with "not all CPU's are crap" in mind.
Or is Intel basically saying "we are committed to selling you shit forever and ever, and never fixing anything"?
ADVERTISEMENT
Because if that's the case, maybe we should start looking towards the ARM64 people more.
Please talk to management. Because I really see exactly two possibilities:
- Intel never intends to fix anything
OR
- these workarounds should have a way to disable them.
ADVERTISEMENT
Which of the two is it?
Linus
FOLLOW BUSINESS INSIDER AFRICA
ADVERTISEMENT
Recommended articles
Hackers test their ransomwares in less protected regions like Africa before striking richer nations: Report
Top social media platforms used for agriculture in Kenya - Survey
African countries with the fastest-growing military strength in 2024
3 African countries could play host to Russian diplomatic missions
Trends in online casino gaming in New Zealand
10 African countries with the highest number of migrants
PHOTOS: Inside the hostel in Rwanda set to house migrants from the UK in July
10 African countries with the weakest governments
