Intel design flaw


> A *competent* CPU engineer would fix this by making sure speculation
> doesn't happen across protection domains. Maybe even a L1 I$ that is
> keyed by CPL.


> Aye, too many people have this defeatist attitude that since perfect
> security will never be possible, therefore the only valid solution is
> reactive security (bug-patch cycles). Patch dependence is considered too
> entrenched for making some changes like replacing ambient authority with
> capabilities, using failure-oblivious computing [1] to redirect invalid
> reads and writes, using separation kernels, information flow control,
> proper MLS [2], program shepherding for origin and control flow monitoring
> [3] and general fault tolerance/self-healing [4].
> I used to look up to Linus Torvalds as many did, but am increasingly
> beginning to see him as a threat to the advancement of the industry with
> his faux pragmatism that has led him to speak out against everything from
> security to microkernels and kernel debuggers.
> [1] https://www.doc.ic.ac.uk/~cristic/papers/fo-osdi-04.pdf
> [2] http://citeseerx.ist.psu.edu/viewdoc/download?doi=
> [3] https://www.usenix.org/legacy/events/sec02/full_papers/kiria...
> [4] https://www.cs.columbia.edu/~angelos/Papers/2007/mmm-acns-se...