while we're at Intel Core bugs

By: hobold (hobold.delete@this.vectorizer.org), November 12, 2019 3:10 pm
Room: Moderated Discussions
It seems Intel has finally found an effective way to silence those pesky security researchers. To make matters a little less bad, workarounds still show up in the Linux kernel. For example these two which I found highlighted over on Phoronix:

https://www.phoronix.com/scan.php?page=news_item&px=iITLB-Multihit-TAA-Kernel-Code

I think "TSX Asynchronous Abort" and "iITLB Multihit (NX) - No eXcuses" are not, first and foremost, security vulnerabilities. More like bugs with strong security implications. The interesting thing is that they both were found while probing specifically for vulnerabilities.

So yes, the good news is that these vulnerabilities do get more and more specific and niche. But IMHO the relevant good news is that the researchers are quickly getting better and better at finding these issues, even the more and more obscure ones. Eventually the testing methods will get automated enough to become part of the usual design validation. Hopefully.
 Next Post in Thread >
TopicPosted ByDate
while we're at Intel Core bugshobold2019/11/12 03:10 PM
  while we're at Intel Core bugshobold2019/11/13 05:30 AM
    while we're at Intel Core bugsChester2019/11/13 07:17 PM
      while we're at Intel Core bugshobold2019/11/14 02:09 AM
        while we're at Intel Core bugsChester2019/11/14 11:36 AM
          while we're at Intel Core bugshobold2019/11/14 01:13 PM
            while we're at Intel Core bugsGroo2019/11/15 09:25 AM
              while we're at Intel Core bugshobold2019/11/15 11:56 AM
                while we're at Intel Core bugsGroo2019/11/16 05:56 PM
Reply to this Topic
Name:
Email:
Topic:
Body: No Text
How do you spell purple?