Narcis Garcia wrote: >El 15/08/17 a les 17:04, Hendrik Boom ha escrit: >> What implications does this have for security? Allow me to shudder.
>As Far As I Know, CPU makes what software asks to do. >If software doesn't call some CPU functions, those functions will not work. The counter-argument is that hidden instructions may hide additional bugs because they are not being used as much as published instructions. Even without flaws, "private" instructions may do dangerous things such as bypassing inconvenient security restrictions. And just like cheat codes in games, the existence of such hidden functions is likely to leak to those interested in exploiting them. [Everyone chant the Konami Code.] Even if they stay in the "proper hands", how many flawless programs do you know of from the big vendors listed in the Bloomberg quote? If these instructions aren't being used, as Narcis Garcia suggests, why did the vendor ask for the instruction in the first place? And finally, when a program does something "impossible" that costs you money, which of the dozens of vendors of code running simultaneously accepts the blame? --Don _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng