On Sunday, 16 August 2020 at 01:14:08 UTC+8 Chris Laprise wrote:
> I'm not going to get into details now, but the short story is Intel > haven't addressed all the sidechannel vulnerabilities, and the long and > varied trend of Intel vulns points to a fundamentally flawed > implementation... too many cheap shortcuts were taken. > > Even worse is that Intel are now retiring their patch process for some > CPUs that are still popular with Qubes users, for example Ivy Bridge (I > expect Haswell to not be far behind if it hasn't already been ghosted). > To do this with a CPU that is 7 years old (when they announced it) is > very disappointing. > > IIRC for a relatively recent generation (I think it was Skylake!) they > said the expected mitigation was for You + Me to replace their junk with > newer hardware. No refund, no exchange program... just "We're the Big > Gorilla and you give us more of your money now". There's a lot of schadenfreude out there as Intel flounders with its delayed transistor nodes, frequent security failings, the very public dumping by Apple, and personnel issues. I think it's a good thing, since the company has basically become the Boeing of the processor industry (even before Boeing, since Spectre and Meltdown pre-dated the 737-MAX)--they're both venerable industry pioneers that have been consumed by corruption borne from complacency and needed good kicks in the pants. Whether the kicks will actually lead to substantial change remains to be seen, since they're too big to fail. AMD may be winning the PR race, but Intel is still very much virtually the sole supplier of laptop CPUs where I live--you'd have to actively dig around to find AMD laptops, and those you find are usually old and/or underpowered. I'd love an ARM Qubes. My dream PC would be a top-end ARM Macbook Pro with Qubes running on it (since this is a fantasy, it'd have all the MBP's security features, like the T2 chip, functioning). > Yes, rowhammer and its offshoots. Unfortunately, the changes in DDR4 > that were supposed to increase resistance were eventually discovered to > be cheap shortcuts themselves and have actually made the situation worse. > Ever get the feeling that the goal of truly secure computing is a sisyphean task? There's probably a mathematical formula out there proving that things above a certain degree of complexity cannot be guaranteed to be absolutely secure. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/61a11cb0-3148-4bbd-8810-316103b53d8cn%40googlegroups.com.
