Linus Torvalds is furious at Intel over its handling of the current processor security flaw

[D13H4RD]

Oh boy, Intel can't catch a break. 

 

Linus Torvalds, creator and principal developer of the Linux kernel, is reportedly unhappy with with how Intel is handling the issue with security flaws on their processors dating back to more than a decade ago. 

 

In an email, he explains that Intel "needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed". 

 

The full email is below 

Quote

Why is this all done without any configuration options?

 

A *competent* CPU engineer would fix this by making sure speculation doesn't happen across protection domains. Maybe even a L1 I$ that is keyed by CPL.

 

I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed. .. and that really means that all these mitigation patches should be written with "not all CPU's are crap" in mind.

 

Or is Intel basically saying "we are committed to selling you shit forever and ever, and never fixing anything"?

 

Because if that's the case, maybe we should start looking towards the ARM64 people more. Please talk to management. Because I really see exactly two possibibilities: - Intel never intends to fix anything OR - these workarounds should have a way to disable them. Which of the two is it?

 

Linus

Source: https://lkml.org/lkml/2018/1/3/797

 

Pretty rocky start to the year for Intel 

[Sauron]

Well, can't say I disagree with Torvalds. It seems Intel is doing everything it can to downplay the issue.

[corsairian]

I'm glad that someone like Torvalds told Intel off like this. I have a feeling like these companies knew about these vulnerabilities but didn't fix them. Possibly because the NSA was using the exploits? Lol..... 

 

I read it as Linus Sebastian first.. Lol

[D13H4RD]

10 minutes ago, Sauron said:

Well, can't say I disagree with Torvalds. It seems Intel is doing everything it can to downplay the issue.

That's what PR tries to do. 

 

Doesn't help in this case. 

[Misanthrope]

2 minutes ago, corsairian said:

I read it as Linus Sebastian first.. Lol

Well he did posted a pretty damning rant about intel too:

 

 

[potoooooooo]

I mean he's not wrong, but why is he relevant? When's the last time linus torvalds did something actually newsworthy?

[Bouzoo]

I can't deny that I love reading his emails.

[Misanthrope]

Just now, potoooooooo said:

I mean he's not wrong, but why is he relevant? When's the last time linus torvalds did something actually newsworthy?

November 12th past year. So a little bit ago in fairness to your point but, come on:

 

http://www.zdnet.com/article/the-new-long-term-linux-kernel-linux-4-14-has-arrived/

[Mira Yurizaki]

2 minutes ago, Misanthrope said:

November 12th past year. So a little bit ago in fairness to your point but, come on:

 

http://www.zdnet.com/article/the-new-long-term-linux-kernel-linux-4-14-has-arrived/

http://www.zdnet.com/article/linus-torvalds-i-dont-trust-security-people-to-do-sane-things/

 

Then a week later he berates a Google computer security person for suggesting to do something dumb.

[Taf the Ghost]

4 minutes ago, potoooooooo said:

I mean he's not wrong, but why is he relevant? When's the last time linus torvalds did something actually newsworthy?

Are you going to say the principle maintainer of Linux isn't "newsworthy"? Do you even computer?

[Misanthrope]

8 minutes ago, M.Yurizaki said:

http://www.zdnet.com/article/linus-torvalds-i-dont-trust-security-people-to-do-sane-things/

 

Then a week later he berates a Google computer security person for suggesting to do something dumb.

That he probably did. But it still has absolutely nothing to do with the "This guy is irrelevant" implications: Literally over half of the servers that even make the internet possible run because of him and he still actively contributes to Linux so yeah, he's a fairly big fucking deal, enough that he can get away with his crazy rants like these.

[Mira Yurizaki]

2 minutes ago, Misanthrope said:

That he probably did. But it still has absolutely nothing to do with your "This guy is irrelevant" implications: Literally over half of the servers that even make the internet possible run because of him and he still actively contributes to Linux so yeah, he's a fairly big fucking deal, enough that he can get away with his crazy rants like these.

I feel this is misdirected.

[Misanthrope]

Just now, M.Yurizaki said:

I feel this is misdirected.

Indeed I edited the post when I realized you weren't the one I was originally quoting.

[NumLock21]

[Primefoxer]

Linus Torvalds, dislikes Nvidia and now Intel, he is the one that AMD 'fanboys' will worship. That is until he also voices his dislike on them too.

[Matu20]

Linus also said fuck Nvidia, but Nvidia is very well and kicking, so i don't see this helping at all.

[mr moose]

2 hours ago, Sauron said:

Well, can't say I disagree with Torvalds. It seems Intel is doing everything it can to downplay the issue.

 

They have too,  imagine if a company (any company in their position) didn't. It would perpetuate hysteria.   

[Sauron]

2 hours ago, D13H4RD2L1V3 said:

That's what PR tries to do. 

 

Doesn't help in this case. 

Yes and no, they could have been honest about it and said they are doing all they can to solve the issue... but are they?

19 minutes ago, Matu20 said:

Linus also said fuck Nvidia, but Nvidia is very well and kicking, so i don't see this helping at all.

Intel just got hardcore tackled by AMD on the desktop and has almost completely lost the mobile market. They are doing just fine right now, but if the big software developers start turning their back on them they'll start feeling it eventually. Linux may not be that popular for the average user, but it dominates datacenters. If those datacenters decide to go with a competitor (don't forget IBM is still alive by the way, and they don't use x86) it will be a serious hit to Intel's revenue.

 

As for nVidia, unlike cpus, graphics card usually don't need direct kernel support as drivers take care of almost everything. Even if Linus were serious about boycotting nVidia he couldn't prevent others from making open source drivers for them and of course, he couldn't stop nVidia from providing their proprietary solution.

[Sauron]

5 minutes ago, mr moose said:

 

They have too,  imagine if a company (any company in their position) didn't. It would perpetuate hysteria.   

Well... the cat is out of the bag now, everyone who needs to know about this does. The problem with Intel not aknowledging it is that it shows they probably have no intention to address the problem by fixing their hardware, at least not for some time. While I don't expect them to pull coffee lake from the market until they have a patched version, the least they could do is delay their next product line to make sure it's fixed. But if they do that, they're afraid AMD will eat them alive.

[mynameisjuan]

2 hours ago, Misanthrope said:

Literally over half of the servers that even make the internet possible run because of him

I still find it hilarious that even though he develops and maintains the kernal, he has no fucking clue how to use linux more than a basic level. Yet he is the one praised for producing the servers that let us do the things we can do today.

[mr moose]

1 minute ago, Sauron said:

Well... the cat is out of the bag now, everyone who needs to know about this does. The problem with Intel not aknowledging it is that it shows they probably have no intention to address the problem by fixing their hardware, at least not for some time. While I don't expect them to pull coffee lake from the market until they have a patched version, the least they could do is delay their next product line to make sure it's fixed. But if they do that, they're afraid AMD will eat them alive.

AMD, ARM, VIA where all also told at the same time.  None of them said anything for the same reason, They don't want to create hysteria or increase the risk of exploits until they have the problem fixed.

 

With the latest patch from all the OS makers the issue is essentially fixed.  So I don't see why they would delay or pull anything from the market.

[Sauron]

Just now, mr moose said:

AMD, ARM, VIA where all also told at the same time.  None of them said anything for the same reason, They don't want to create hysteria or increase the risk of exploits until they have the problem fixed.

 

With the latest patch from all the OS makers the issue is essentially fixed.  So I don't see why they would delay or pull anything from the market.

Only Intel has the largest flaw which also affects their cpu's performance.

[Guest]

3 minutes ago, Sauron said:

Only Intel has the largest flaw which also affects their cpu's performance.

This is probably Intels main problem in which it now falls behind Ryzen, however I would be very interested in the benchmarks about this issue.

[mr moose]

1 minute ago, Sauron said:

Only Intel has the largest flaw which also affects their cpu's performance.

Regarding only effecting Intel it depends on who you get your info from at this stage, but all that aside the reason they didn't say anything was because they had to get the fix out first. Now the fix is out they can talk about it and find alternative solutions to the performance issues.    Making a public statement about it before they had the hole patched could have been disastrous and thus not a smart move (by any company).

[mr moose]

Just now, RorzNZ said:

This is probably Intels main problem in which it now falls behind Ryzen, however I would be very interested in the benchmarks about this issue.

Me too,  the real interesting bit is going to be seeing how each of the three OS's handle the fix and what the performance difference is in each.  Will they scale? will one OS handle it better than others?