- Techies are going crazy after “Meltdown” and “Spectre,” two new methods for stealing passwords, were revealed by Google on Wednesday.
- The flaws affect nearly every single Intel processor.
- This makes Linus Torvalds, the inventor of Linux, furious at the chip giant.
- Torvalds asks: “Is Intel basically saying ‘we are committed to selling you shit forever and ever, and never fixing anything’?”
Linux inventor and founder Linus Torvalds is not known for holding back strong opinions he has about computers, which is why he’s become one of the loudest voices critical of Intel’s handling of the so-called Meltdown bug, which was revealed on Wednesday and could enable an attacker to steal confidential information, including passwords.
“I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed,” Torvalds wrote in a sharply-worded email sent on to a Linux list on Wednesday.
“Or is Intel basically saying ‘we are committed to selling you shit forever and ever, and never fixing anything’?” Torvalds continued.
Torvalds, one the world's best-known programmers, is still deeply involved on a day-to-day basis with Linux, a free and open-source operating system he first developed in 1991. Because it's free and open-source, it doesn't cost any money to install.
Although some people use Linux as an alternative to Windows or macOS, its best uses are in the cloud: The majority of servers and supercomputers run a Linux variant.
The Meltdown and the related Spectre bug, both revealed on Wednesday, affect pretty much every Intel processor - not only the ones that power your laptop, most likely running Windows, but also the chips used in Linux servers running the cloud and your favorite websites.
Intel said it's working with both rivals and partners on a fix for the issue. The Spectre bug also affects AMD and processors based on ARM, but is harder to execute than the Meltdown bug, which is focused on Intel processors.
The bugs take advantage of weird aspects of how "kernels," or the cores, of operating systems interact and use processors. Kernels and processors are supposed to be separated to some degree to prevent exactly this kind of attack.
Torvalds is in charge of Linux's kernel, so he has some authority on the issue - and he doesn't like what Intel's been saying. Because Linux is open-source and Torvalds doesn't work for a big company like Google or Microsoft that partners with Intel, he's free to give his unvarnished opinion.
A lot of his ire seems to be geared to the impression that whatever the fix for these bugs will be could mean that computers running on Intel processors will run slower - as much as 30%, according to some analyst estimates. At one point, he muses that processors designed by ARM, an Intel rival, could be a superior option for Linux developers.
Although Torvalds is one of the highest-profile technical voices criticizing Intel, he's not the only one dissatisfied with its handling of the issue. Attention may focus on Intel CEO Brian Krzanich, who sold $24 million in stock in November, after he was aware of the problems.
Read Linus Torvalds' full email below:
From Linus Torvalds Date Wed, 3 Jan 2018 15:51:35 -0800 Subject Re: Avoid speculative indirect calls in kernel
On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen <[email protected]> wrote: > This is a fix for Variant 2 in > https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html > > Any speculative indirect calls in the kernel can be tricked > to execute any kernel code, which may allow side channel > attacks that can leak arbitrary kernel data.
Why is this all done without any configuration options?
A *competent* CPU engineer would fix this by making sure speculation doesn't happen across protection domains. Maybe even a L1 I$ that is keyed by CPL.
I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.
.. and that really means that all these mitigation patches should be written with "not all CPU's are crap" in mind.
Or is Intel basically saying "we are committed to selling you shit forever and ever, and never fixing anything"?
Because if that's the case, maybe we should start looking towards the ARM64 people more.
Please talk to management. Because I really see exactly two possibilities:
- Intel never intends to fix anything
OR
- these workarounds should have a way to disable them.
Which of the two is it?
Linus
