Linus Torvalds is furious at Intel over its handling of the current processor security flaw

[leadeater]

9 hours ago, Bit_Guardian said:

ARM TrustZone has a few critical, unfixable security bugs too, meaning Zen has some.

No those are different implementations and I believe you are referring to EYPC only from past comments, as that is the only CPU to feature the ARM security chip. However no one gets to see that chip or interact with it so a flaw in that is incredibly hard to exploit unlike an actual ARM system.

 

AMD uses a custom firmware for it's use of the ARM security chip, probably flaws in that but it's unrelated to ARM TrustZone issues.

 

Interestingly if cloud providers were using AMD EPYC they likely would have been immune to Meltdown even if the Zen architecture was susceptible to Meltdown, as in customers being able to break out of the VM memory and to the host and other VMs on that host.

 

Quote

To start off, there is the tag team of Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV). Secure Memory Encryption allows for full encryption of data stored in DRAM, and SEV allows individual virtual machines to be assigned a unique cryptographic key, thus isolating them from each other as well as the OS hypervisor and administrator layer. These functions are based on a hardware security processor attached to the memory controller with a 128-bit AES encryption engine.

 

That means you can have full memory encryption on virtualized machines, something that will be greatly appreciated by cloud services providers. It will let them assure customers that the memory and the virtual machines that live on their clouds are completely secured in a multi-tenant environment.

 

Where SME is designed for memory, SEV is specifically aimed at VMs and is designed to keep them from cross-contamination, since each VM has its own encryption key. It also allows unencrypted VMs to run alongside encrypted ones, which is a new option. Up to now, it’s been either/or, all-or-nothing. The keys are transparent to the VMs and managed by the protected hypervisor.

 

SVE doesn’t just work for static VMs; it also supports migrating VMs from one server to another while maintaining encryption throughout the process.

 

Then there is the Platform Security Processor (PSP), an ARM Cortex-A5 core on the Epyc die that controls the boot process and system security, and basically operates similar to Intel’s Management Engine in the Xeon. It provides secure boot and has full TPM functionality.

https://www.networkworld.com/article/3204013/servers/epyc-win-for-amd-in-the-server-security-battle.html

 

I guess now is a good time for AMD to send some pre-sales engineers to every cloud provider and put on their smug faces lol.

[Hellion]

On Thursday, January 04, 2018 at 12:15 PM, potoooooooo said:

I mean he's not wrong, but why is he relevant? When's the last time linus torvalds did something actually newsworthy?

Linux isn't relevant? Maybe you should tell that to all the major corporations that utilize the operating system on their servers that are basically the back bone to the internet.

[mr moose]

6 hours ago, Hellion said:

Linux isn't relevant? Maybe you should tell that to all the major corporations that utilize the operating system on their servers that are basically the back bone to the internet.

potoooooo did not say Linux isn't relevant, he said Torvolds wasn't. 

[N0rm]

Quote

Torvalds remains the ultimate authority on what new code is incorporated into the standard Linux kernel.

http://www.linuxfoundation.org/about/linux-foundation-fellows/

[spartaman64]

if linus has no idea how to make kernels and is completely incompetent then why would they use his kernel instead of making their own? is he the best kernel programmer in the world probably not but some of you guys think he has no idea what he is talking about

[spartaman64]

11 hours ago, mr moose said:

potoooooo did not say Linux isn't relevant, he said Torvolds wasn't. 

saying linus isnt relevant because he hasn't worked on linux in a while is like saying newton isnt relevant to physics because he didnt publish a physics paper in a while

[Drak3]

4 minutes ago, spartaman64 said:

if linus has no idea how to make kernels and is completely incompetent then why would they use his kernel instead of making their own? is he the best kernel programmer in the world probably not but some of you guys think he has no idea what he is talking about

The Linux kernel is not really his anymore. As its open source, literally anyone can adapt the kernel to their needs, and what the Linux kernel is today is far more due to the Linux development community than Torvalds.

 

All he did was make an acceptable kernel that was open source.

4 minutes ago, spartaman64 said:

saying linus isnt relevant because he hasn't worked on linux in a while is like saying newton isnt relevant to physics since he didnt publish a physics paper in a while

Except Newtons contributions to physics were unchanging laws that haven't been able to be improved upon since inception.

Torvald's original kernel has been improved upon significantly, with his (nigh worthless) contribution been saying yay or nay on what he liked, for only the official versions of the LTS and utmost current versions.

 

Older kernels, he stopped touching.

 

 

And the Linux developer community wants Torvalds out. He's what's holding Linux back at this point.

[spartaman64]

1 minute ago, Drak3 said:

The Linux kernel is not really his anymore. As its open source, literally anyone can adapt the kernel to their needs, and what the Linux kernel is today is far more due to the Linux development community than Torvalds.

 

All he did was make an acceptable kernel that was open source.

Except Newtons contributions to physics were unchanging laws that haven't been able to be improved upon since inception.

Torvald's original kernel has been improved upon significantly, with his (nigh worthless) contribution been saying yay or nay on what he liked, for only the official versions of the LTS and utmost current versions.

 

Older kernels, he stopped touching.

 

 

And the Linux developer community wants Torvalds out. He's what's holding Linux back at this point.

um have you heard about a guy named Einstein and a common misconception is that laws in science can never be changed while theories can until they become a law. a theory never becomes a law and laws can be disproven just as easily as theories. laws are about what happens and theories are about how it happens. newton's laws have been improved upon and physics and sciences in general are a great example of something that is "open source"

[Princess Luna]

This other Linus guy actually made me happy that I use Windows.

[Commodus]

35 minutes ago, Princess Cadence said:

This other Linus guy actually made me happy that I use Windows.

I've long thought that the advocates of the FOSS world tend to make good cases for embracing proprietary software -- it means you don't have to deal with them!

 

Richard Stallman is the other example.  He's so much of a hard-headed ideologue that his "freedom" actually traps him, preventing him from doing what most of us take for granted.  If he'd been in Tunisia during the Arab Spring, he'd have been too busy petitioning the regime to use Linux to bother stepping outside to secure real freedom (he'd probably have been unaware, since the protesters were using 'evil' proprietary Facebook and Twitter).  I suspect a Chinese iPhone user is far more liberated than Stallman will ever be.

[DaRk0]

Is that a guy who's always crying and showing middle fingers like 12 year old?

Don't get me wrong, I'm not defending Intel here, but man.. this guy is a circus.

[mr moose]

4 hours ago, spartaman64 said:

saying linus isnt relevant because he hasn't worked on linux in a while is like saying newton isnt relevant to physics because he didnt publish a physics paper in a while

In the context of this discussion absolutely he is irrelevant.  If Newton was alive to day and trying to tell Hawkins his black hole theory was wrong on similar unrelated experience then I would say the same about Newton (who is a personal hero of mine BTW).   Linus was something with regard to Linux , now he's not.  and even if he was, he is not a CPU engineer he is a software engineer.  I would not presume to tell a software engineer he was responsible for unforeseen bugs, Just like I would not expect anyone to tell me that a sudden blown speaker at a concert was due to my ineptitude as an sound engineer.

 

 

[Hellion]

7 hours ago, mr moose said:

Exactly what?   If you are going to be rude and childish at least explain what you are being childish about.

You claimed that Linus Torvalds was irrelavent to linux even though he still very much has a hand in the base OS.

 

Have you ever even used a linux distrobution before?

 

Even if we ignore the fact that you are clearly wrong, maybe we could just fall back on your mentality that you shouldn't be critizing him unless you have programmed an OS yourself.

 

Great logic, huh?

[N0rm]

More than a hand, he has the last word. He's what in open-source is called a Benevolent Dictator for Life.

[Bit_Guardian]

9 minutes ago, N0rm said:

More than a hand, he has the last word. He's what in open-source is called a Benevolent Dictator for Life.

I wouldn't quite call him that. Several developers, myself included, have beaten his and his favourite devs' designs in the past on performance and met every integration test requirement, but if you slightly disagree with his philosophies, he'll lock you out for life. That's one reason I commit to Clang more than anything else these days. It's actually fun crushing GCC and Linux underfoot as long as I can see him get visibly pissed off in person.

He's an arrogant, egotistical, experienced, intelligent, but jaded man-child.

[johnukguy]

On 1/4/2018 at 12:15 PM, potoooooooo said:

I mean he's not wrong, but why is he relevant? When's the last time linus torvalds did something actually newsworthy?

A few days ago. What he said is newsworthy in itself.

[leadeater]

Keep discussions on topic and refrain from personal arguments between each other.

[Nena Trinity]

He is right, Intel is full of BS...

[mr moose]

On 1/10/2018 at 11:55 PM, Hellion said:

You claimed that Linus Torvalds was irrelavent to linux even though he still very much has a hand in the base OS.

 

Have you ever even used a linux distrobution before?

 

Even if we ignore the fact that you are clearly wrong, maybe we could just fall back on your mentality that you shouldn't be critizing him unless you have programmed an OS yourself.

 

Great logic, huh?

 

You seem to be assuming I am some numpty with no experience.  Let me introduce myself for you:

 

1. I was studying processor design back in 1993 as part of my electronic engineering and computer sciences studies.

2. Since then I have been an IT technician, Hardware consultant,  domestic/commercial hardware installer/builder.

3. I ran an exclusive Linux house hold for many years until both my children needed to use windows pc's for school and I got back into gaming.  I now run freenas instead of debian for my file server because it is easier and with the later versions of windows I have no need for a hardware firewall anymore.

4. In the last 20 years I have associated with many IT professionals. Many of whom believe that currently Linux would be better without torvalds. 

 

As you can see (but probably will just ignore or dismiss) I have been apart of this industry building and consulting longer than most of LTT users have been alive.  I am by no means perfect and I do get things wrong (because I am human), but this does not make all my opinions and experience irrelevant.

 

 

Whether you like it or not, Linus not being relevant to Linux is a personal opinion held by not just me, but by many in the industry. It is not something you can just say is "wrong". Linus is to Linux what Steve jobs was to apple.  His sudden demise had no effect on their revenue, market share or industry relevance but apple wouldn't be what it is without him.  I love Linux, I still play around with it, I personally was in charge of a few Linux servers in my years in and out of the industry, but if Torvalds was to die tomorrow Linux would not get worse.

 

So as per my original comments,  Linus Torvalds is no more qualified to talk about CPU engineering failures than an Intel engineer is to complain about Linux security.   If he has something to say about the kernel or the software that runs on it then fine. But at the moment it seems he is the only software engineer that thinks Intel is making this worse.