We see a lot of dynamic languages like Python or Lua and they are ok.
If time-to-market is your most important concern, then dynamic languages seem to do the job. My observation is that one reason why is that in a dynamic language, fewer bugs have to be fixed before deploying. This is why languages like Python feel more productive than they are.
Languages with lots of static checking won't let you compile, let alone deploy, certain classes of bug, particularly if you wrote your code to use the static analysis rather than to circumvent it.
It kind of is. If you take Modula-3 and give it a curly braces syntax, you essentially get Java 1.0.
Programmers seem to like curly braces because they are visually lighter than Wirth keywords like begin and end; it's the same reason why we seem to prefer Haskell to ML given the choice.
If someone wants to re-engineer Object Pascal with a modern syntax, I would definitely appreciate it.
I have read a description. It sounds like many other exploits I've seen over the years which use an optimisation as an unanticipated attack vector, like DoS attacks which attack a hash table by crafting requests that fall into the same chain.
It's not a bug in the sense that the system is doing what it was designed to do. Many eyes have looked at the spec and not noticed that it was exploitable. If you think it's so bungled, why hadn't one of the Linux or BSD devs discovered it before now?
There is a large class of engineering failures which some refer to as "BAD" (i.e. Based on Available Data).
I'm not sure you can even call this a "defect". The CPU is working as advertised, and it's not like it's insecure by design.
If anybody sues Intel, they'll be suing Intel only for providing an optional feature that makes computations faster.
Had this problem surfaced in the mid-90s, lots of OS researchers (yes, including Andrew Tanenbaum) would have argued that the CPU wasn't at fault, the operating system was.
Note that the same argument can be used to show that 2^(4n)-1 is divisible by 15.
In general, 2^(mn)-1 is divisible by 2^m - 1 (and without loss of generality 2^n - 1). It follows that if p is not prime, 2^p-1 isn't prime either. And that is how I instantly knew that 2^98,435,672-1 couldn't possibly be prime.
"Fan fiction"? No, "fiction" implies that he made it up. True, he has form for that, but in this case it's probably more like an extended gossip column than outright fabrication.
Mind you, that in itself is valuable. It may not portray Trump accurately, but it probably portrays what people close to Trump think about Trump accurately.
My understanding is that Linux shares the space to make lots of kernel services convenient (e.g. they can do things to userspace memory, as part of their job).
Yes. There is always a tradeoff between security and programmer convenience. And by that I mean kernel programmer convenience, not user-space programmer convenience.
Microkernels certainly do have to mess with user space to implement anything interesting with virtual memory, for example. The difference is that microkernels only typically have to implement this once.
For example, consider the case where a user program needs a large block of data from somewhere else. The kernel could copy this into user space, or if it really cares about performance, it could just memory-map it and save having to copy it. Memory-mapped files are one common example; the kernel is maintaining a buffer cache anyway, so why not just map it into the address space of anyone who needs it?
Now suppose you had a microkernel that did this with IPC. It carefully looks at an IPC request, and if it seems more efficient and just as safe to do so, it could share pages between a server and a client instead of copying data.
Now you also have memory-mapped pipe I/O, and memory-mapped networking... all for essentially free.
If I understand it correctly (*) by reading the beginning of the report, browser-run Javascript code could be crafted to read not only anywhere within the browser's address space, but the *entire* CPU address space. Serious enough?
That is indeed a serious flaw in the Javascript implementation, yes.
Firefox is said to be getting a workaround that decreases the precision of its Javascript-available timers in order to prevent exploiting this.
And as the other commenter noted, this is an extremely shitty fix.
The phrase "largest prime number discovered" refers to the largest prime that has been discovered. I know English is a hard language, but it's not that hard.
Having said that, pity the Slashdotter who needs "raising a number to the power of two" explained to them.
That doesn't mean that Javascript code can do arbitrary shenanigans, though. If you can write browser-run Javascript which can read memory from an arbitrary location in the browser's address space (for example), that'd probably be more serious than the Intel chip bug.
More to the point, on x86 architectures, running in 64-bit mode requires virtual memory. There is no such thing as 64-bit real mode (although you can identity map memory to emulate it).
At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.
Someone on LKML using the word "fuckwit" is what Linux developers call "a normal Wednesday".
Seriously, why is pascal not used much anymore?
If your C standard library doesn't have ffs(), then... sorry, Windows user. I guess there's always _BitScanForward or __lzcnt.
Oh, and if your CPU uses clz to count trailing zeroes, you should report that as a bug.
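Added example, not code from the comment above or from any library it mentions: the ffs() contract spelled out in C, using __builtin_ctz / _BitScanForward as the comment suggests with a plain-C fallback, and a clz-based version alongside to show that leading-zero and trailing-zero counts answer different questions. The names my_ffs32, ctz32_portable, clz32_portable and ffs32_via_clz_wrong are made up for this example.

```c
/* Added example (not code from the comment above): an ffs()-style
 * "find first set" written three ways, so the semantics the comment
 * relies on are explicit: the result is a 1-based bit index, ffs(0)
 * is 0, and counting trailing zeros (ctz) is not the same operation
 * as counting leading zeros (clz). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#if defined(_MSC_VER)
#include <intrin.h>
#endif

/* Plain-C trailing-zero count; returns 32 for x == 0 by convention here. */
static int ctz32_portable(uint32_t x)
{
    int n = 0;
    if (x == 0)
        return 32;
    while ((x & 1u) == 0) {
        x >>= 1;
        n++;
    }
    return n;
}

/* Plain-C leading-zero count, to show it answers a different question. */
static int clz32_portable(uint32_t x)
{
    int n = 0;
    if (x == 0)
        return 32;
    while ((x & 0x80000000u) == 0) {
        x <<= 1;
        n++;
    }
    return n;
}

/* ffs() semantics: 1 + index of the least significant set bit, 0 if none.
 * The zero check comes first because __builtin_ctz(0) is undefined and
 * _BitScanForward leaves its output unspecified when the input is 0. */
int my_ffs32(uint32_t x)
{
    if (x == 0)
        return 0;
#if defined(__GNUC__) || defined(__clang__)
    return __builtin_ctz(x) + 1;
#elif defined(_MSC_VER)
    unsigned long idx;
    _BitScanForward(&idx, x);
    return (int)idx + 1;
#else
    return ctz32_portable(x) + 1;
#endif
}

/* What you get if clz is (wrongly) used where ctz was meant. */
int ffs32_via_clz_wrong(uint32_t x)
{
    return x == 0 ? 0 : clz32_portable(x) + 1;
}

int main(void)
{
    /* Constructed sample inputs: none, lowest bit, a middle bit, top bit, all. */
    uint32_t samples[] = { 0u, 1u, 8u, 0x80000000u, 0xFFFFFFFFu };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("x=%#010x ffs=%d ctz=%d clz=%d clz-based=%d\n",
               samples[i], my_ffs32(samples[i]), ctz32_portable(samples[i]),
               clz32_portable(samples[i]), ffs32_via_clz_wrong(samples[i]));
    return 0;
}
```

The zero check before the intrinsic is the part callers most often forget; on x86 the underlying bsf instruction leaves the destination undefined for a zero input, so the compiler builtin inherits that gap.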
OK that is a fair comment. I was thinking of the variants that affected AMD and ARM when I said it didn't feel like a defect.
You want a page that you can't access to look precisely like a hole. But you also want it to time precisely like a hole too.
Very good. To lay this out formally, you should say up front that you're using proof by truthiness.
Good stuff!
It's often the case that there's no problem until there's a problem.
Well, you could load up x86/x64 code via JavaScript typed arrays or blobs.
If you can already do that, an external hacker probably doesn't need to read kernel memory.
Nice argument!
That was clearly too easy. Show that 2^98,435,672 - 1 is divisible by 5.
+1, appropriately pedantic
What if the microkernel doesn't share the same address space as the userspace processes?
Before PCID (and in a sense, before 64-bit), microkernel OSes on x86 pretty much had to. L4 famously mapped commonly-used servers into everyone's address space for performance reasons.
I have to wonder if looking for just Mersenne primes will reveal anything interesting about the primes in general. It seems unlikely to me.
Having said that, finding a pattern in the Mersenne exponents would be very interesting indeed.
Exercise for the interested maths nerd: Prove that if q is any even number, then 2^q - 1 is divisible by 3.
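Added here, not part of any of the comments above: the divisibility facts quoted in the Mersenne threads (2^(mn)-1, the divisibility by 15, by 5, and by 3 for even exponents), worked through once with the comments' own symbols m, n, p and q.

$$
\begin{aligned}
x^{n}-1 &= (x-1)\bigl(x^{n-1}+x^{n-2}+\cdots+x+1\bigr) \\
2^{mn}-1 &= (2^{m}-1)\bigl(2^{m(n-1)}+2^{m(n-2)}+\cdots+2^{m}+1\bigr) \qquad (x = 2^{m})
\end{aligned}
$$

Hence $2^{m}-1 \mid 2^{mn}-1$, and by symmetry of $m$ and $n$ also $2^{n}-1 \mid 2^{mn}-1$. If $p = ab$ with $1 < a < p$, then $1 < 2^{a}-1 < 2^{p}-1$ is a proper divisor of $2^{p}-1$, so $2^{p}-1$ is composite. For even $q = 2k$:

$$
2^{q}-1 = 4^{k}-1 \equiv 1^{k}-1 = 0 \pmod{3}, \quad\text{since } 4 \equiv 1 \pmod{3}.
$$

For the exponent in the thread, $98{,}435{,}672 = 4 \cdot 24{,}608{,}918$, so with $m = 4$:

$$
2^{4}-1 = 15 \mid 2^{98{,}435{,}672}-1, \quad\text{hence } 3 \mid 2^{98{,}435{,}672}-1 \text{ and } 5 \mid 2^{98{,}435{,}672}-1.
$$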
Obligatory.
It also did not escape my notice that they waited for Tom Petty to die before they sued on his behalf.
I was specifically responding to the claim that C++ wasn't helpful. There is an argument that there was less of an advantage before Modern C++.