there already existed a libc, compiler toolchain, shell, and a vast suite of programs people already wanted to use.
All created by those free software fans that "lacked the large corporate structure needed to produce anything as complex as an OS".
And a CPU architecture is the same. It's not enough to have a nice core, you have to also have cache, a system bus interface, a RAM interface, clock distribution, MMU, and so on. None of that stuff is easy or fun.
Everyone running an intel CPU will suddenly discover that they have 5-30% less processor than they paid for. In many cases, that difference would have resulted in going with the AMD processor. That is a real economic harm that deserves compensation.
That doesn't mean justice will be done, the courts often bend over backwards and grab their ankles for large corporations, but morally and ethically, Intel owes a lot of people a pile of cash.
Risk isn't just a matter of how likely the discovery is, but how serious it is and how widespread the negative impact is. Given that Meltdown affects a huge population, even a tiny chance of discovery represents a huge risk, Intel doesn't want to do a recall since even chipzilla would be sunk by the cost. There's a big risk for you. Next time you consider Intel, just remember, you bought intel before and right now they're pointing at you and saying "HA-HA".
Of course, when Linux was new the argument was that an OS was just too big for a bunch of Free Software fans to manage. Only a big corporate structure could support development of anything as complex as an OS.
Open hardware is harder, but probably not impossible. It isn't a magic cure all, but it would tend to be free of corporate decisions like "we need 10% more performance, cheat here and nobody will notice" simply due to the open nature.
The patent swamp is a problem for that, but given how dependent the world is on secure digital hardware now, it's time to review the patent system. It may even become politically possible since it's to the point now where non-free hardware is hindering corporate profits.
Exactly this. The "cheating" is fine as long as the ultimate machine state is truly indistinguishable from what it would be without cheating from the viewpoint of the executing code. Meltdown is a case where that does not hold true, and even worse, can be forced reliably.
No, I was considering that. If My company uses a public cloud, one of those bad actirs MIGHT end up running in another VM on the same machine my VM is running on. If instead, I run on a server I actually own and use exclusively, even if I run several VMs, I can KNOW that the bad guy is NOT also running a VM on that server. At worst, another department in the same company might have a VM on the same hardware with me.
So if security is a concern at all, avoiding outsourcing VMs to the cloud is the right strategy.
That would be exactly opposite of the right strategy. As bad as information leaks between processes can be, it's worse when those other processes are owned by a different entity. Who would you rather be potentially able to read your banking details, a family member or some random guy whose name you don't know who could be living anywhere in the world?
This is a good point. If the machine lives in a protected environment where only approved software is used by authorized users, disabling the fix to avoid the slowdown might be the right thing.
But I'm pretty sure the slowdown in this case isn't FUD. Otherwise we'd hear Intel loudly denying it by now.
They don't have a choice. The cost is quite believable since the workaround involves mapping the kernel in and out of the process space for every system call. Keeping it mapped in and keeping the page tables hot in the cache helps performance a lot.
That bolster's AC's point. It looks like the Intel guys were going to cripple performance for everyone until the patch from AMD removed the unnecessary crippling from AMD processors.
Your points are why I support the basic income. Once we reach the point that nobody goes without food, clothing, shelter, and health care, work environments will necessarily shift in such a way that the people working can honestly be said to be there willingly. Perhaps by distributing the more odious duties more evenly, perhaps by paying enough that people find the exchange equitable. It would also apply more pressure to have machines do the less pleasant work.
We're starting to see it now. For example, garbage collector is a much less unpleasant job when it mostly consists of driving the truck and using a joystick to grab the cans with a hydraulic arm while still sitting in the truck.
When I take a taxi or buy a burger, I am not served by someone who was beaten, shipped over in a cargo hold, beaten some more, and told they will never be free unless they keep quiet and turn their paychecks over to their pimp. I do care if the people are there by their free will or as a result of human trafficing.
Might want to a little more charitable about the liver or one day someone will decide nobody pays for your heart problem because you refused to have a healthy drink from time to time. Besides, people who fry their livers drinking tend not to get a replacement liver anyway, they're considered a poor risk. The understanding that everyone has their own faults and follies is well understood across a wide variety of beliefs both religious and secular. Also the idea that sometimes bad things happen to good people.
Right, there were many good reasons to not take the call at face value. That doesn't mean ignore it entirely, it means go investigate. It certainly does not mean go shoot the first person who opens the door.
Notably, the approach you suggest was already tried and it got an innocent man killed. Why, when blessed with 20/20 hindsight you still advocate such a foolish approach is beyond me.
That's because you aren't also claiming the right to keep me from saying 'nice house' and building one just like it for myself.
If you want to write your great novel and lock it in a vault, passing it to your descendants, you're free to do so. Nobody will legally cut the vault open and abscond with your only copy.
If you choose, you may accept copyright which means that for a limited time (which exceeds your lifetime), society will grant you the exclusive right to make copies. Your descendant doesn't lose the right to make copies after the copyright expires, it's just that the government will no longer prevent others from doing so as well.
That hasn't even been the case in the U.S. for very long. Multi-generation homes used to be the norm here as well.
What makes him a man-child is that he gets crazy upset over a couple dollar bet in a video game, swats people and thinks it's funny, and denies all responsibility when the swatting he caused goes wrong and kills someone. Part of growing up is developing a sense of proportion and the understanding that actions have consequences.
And all of that is a problem. It SHOULD have caused a pause. When police take drastic action at the wrong house, people get hurt or die. Doesn't it seem worthwhile to avoid that?
Slashdot Mirror
Hard coded means written into the software as opposed to being user configurable. So the author is correct and you were wrong.
Hardcoded is why it takes a firmware update to change it rather than go to setup page x and uncheck the box next to "big security hole".
there already existed a libc, compiler toolchain, shell, and a vast suite of programs people already wanted to use.
All created by those free software fans that "lacked the large corporate structure needed to produce anything as complex as an OS".
And a CPU architecture is the same. It's not enough to have a nice core, you have to also have cache, a system bus interface, a RAM interface, clock distribution, MMU, and so on. None of that stuff is easy or fun.
And yet, RISC-V exists.
Everyone running an intel CPU will suddenly discover that they have 5-30% less processor than they paid for. In many cases, that difference would have resulted in going with the AMD processor. That is a real economic harm that deserves compensation.
That doesn't mean justice will be done, the courts often bend over backwards and grab their ankles for large corporations, but morally and ethically, Intel owes a lot of people a pile of cash.
Risk isn't just a matter of how likely the discovery is, but how serious it is and how widespread the negative impact is. Given that Meltdown affects a huge population, even a tiny chance of discovery represents a huge risk, Intel doesn't want to do a recall since even chipzilla would be sunk by the cost. There's a big risk for you. Next time you consider Intel, just remember, you bought intel before and right now they're pointing at you and saying "HA-HA".
Care to spin the wheel again?
Of course, when Linux was new the argument was that an OS was just too big for a bunch of Free Software fans to manage. Only a big corporate structure could support development of anything as complex as an OS.
Open hardware is harder, but probably not impossible. It isn't a magic cure all, but it would tend to be free of corporate decisions like "we need 10% more performance, cheat here and nobody will notice" simply due to the open nature.
The patent swamp is a problem for that, but given how dependent the world is on secure digital hardware now, it's time to review the patent system. It may even become politically possible since it's to the point now where non-free hardware is hindering corporate profits.
It does not. It was originally claimed that the memory protection was complete. It is obviously not.
Exactly this. The "cheating" is fine as long as the ultimate machine state is truly indistinguishable from what it would be without cheating from the viewpoint of the executing code. Meltdown is a case where that does not hold true, and even worse, can be forced reliably.
By level, I mean in terms of security.
No, I was considering that. If My company uses a public cloud, one of those bad actirs MIGHT end up running in another VM on the same machine my VM is running on. If instead, I run on a server I actually own and use exclusively, even if I run several VMs, I can KNOW that the bad guy is NOT also running a VM on that server. At worst, another department in the same company might have a VM on the same hardware with me.
So if security is a concern at all, avoiding outsourcing VMs to the cloud is the right strategy.
That would be exactly opposite of the right strategy. As bad as information leaks between processes can be, it's worse when those other processes are owned by a different entity. Who would you rather be potentially able to read your banking details, a family member or some random guy whose name you don't know who could be living anywhere in the world?
Actually, AMD is significantly harder to exploit than Intel. The performance crushing patch simply brings the Intel processor level with AMD.
But for those users that do have such a workload and cared enough to use SSD will be devistated by the performance loss.
It might be hard to prove in court, but given Intel's past behavior w/ the Intel compiler, it likely was intentional dirty pool.
This is a good point. If the machine lives in a protected environment where only approved software is used by authorized users, disabling the fix to avoid the slowdown might be the right thing.
But I'm pretty sure the slowdown in this case isn't FUD. Otherwise we'd hear Intel loudly denying it by now.
They don't have a choice. The cost is quite believable since the workaround involves mapping the kernel in and out of the process space for every system call. Keeping it mapped in and keeping the page tables hot in the cache helps performance a lot.
The real fix involves new silicon.
That bolster's AC's point. It looks like the Intel guys were going to cripple performance for everyone until the patch from AMD removed the unnecessary crippling from AMD processors.
Actually, it's a reference to a hex value that could trigger a nasty Pentium bug.
Your points are why I support the basic income. Once we reach the point that nobody goes without food, clothing, shelter, and health care, work environments will necessarily shift in such a way that the people working can honestly be said to be there willingly. Perhaps by distributing the more odious duties more evenly, perhaps by paying enough that people find the exchange equitable. It would also apply more pressure to have machines do the less pleasant work.
We're starting to see it now. For example, garbage collector is a much less unpleasant job when it mostly consists of driving the truck and using a joystick to grab the cans with a hydraulic arm while still sitting in the truck.
When I take a taxi or buy a burger, I am not served by someone who was beaten, shipped over in a cargo hold, beaten some more, and told they will never be free unless they keep quiet and turn their paychecks over to their pimp. I do care if the people are there by their free will or as a result of human trafficing.
You don't think they'd be at all interested in information that helps them make sure they're at the right place?
Even the pizza guy wants confirming information.
Might want to a little more charitable about the liver or one day someone will decide nobody pays for your heart problem because you refused to have a healthy drink from time to time. Besides, people who fry their livers drinking tend not to get a replacement liver anyway, they're considered a poor risk. The understanding that everyone has their own faults and follies is well understood across a wide variety of beliefs both religious and secular. Also the idea that sometimes bad things happen to good people.
Right, there were many good reasons to not take the call at face value. That doesn't mean ignore it entirely, it means go investigate. It certainly does not mean go shoot the first person who opens the door.
Notably, the approach you suggest was already tried and it got an innocent man killed. Why, when blessed with 20/20 hindsight you still advocate such a foolish approach is beyond me.
That's because you aren't also claiming the right to keep me from saying 'nice house' and building one just like it for myself.
If you want to write your great novel and lock it in a vault, passing it to your descendants, you're free to do so. Nobody will legally cut the vault open and abscond with your only copy.
If you choose, you may accept copyright which means that for a limited time (which exceeds your lifetime), society will grant you the exclusive right to make copies. Your descendant doesn't lose the right to make copies after the copyright expires, it's just that the government will no longer prevent others from doing so as well.
That hasn't even been the case in the U.S. for very long. Multi-generation homes used to be the norm here as well.
What makes him a man-child is that he gets crazy upset over a couple dollar bet in a video game, swats people and thinks it's funny, and denies all responsibility when the swatting he caused goes wrong and kills someone. Part of growing up is developing a sense of proportion and the understanding that actions have consequences.
And all of that is a problem. It SHOULD have caused a pause. When police take drastic action at the wrong house, people get hurt or die. Doesn't it seem worthwhile to avoid that?