Re: Torvalds Slams Theoretical Security

On 21/10/24 21:07, Lester Thorpe wrote:

Distro maintainers, and their lackey consumers, who bloat their GNU/Linux
distros with performance degrading security "features" should take note
of the latest exclamations of Linus Torvalds:
 "Honestly, I'm pretty damn fed up with buggy hardware and completely theoretical
attacks that have never actually shown themselves to be used in practice."

Some facts : it seems that most recent Intel's advanced systems 1) have some millions circuits of unpredictable use and 2) a fully functional "minix" OS hardwired in the hardware and running at 0 (or negative) privilege level ... to do what ?
The Linux OS loaded later cannot even see all this, running on top of a magmatic ocean, with direct access to network chip too.
So, maybe, a lot of "attacks" could be operating daily without even being noticed, since they don't do direct damage.
And the kind of attack could be not intrusive, just DATA STEALING for surveillance goals, traveling stealthily from the machine to some vigilant ear somewhere.
But the even more sad truth is : there is nothing that the OS developers can do to mitigate this, not even to detect sth strange is happening.

 https://linux.slashdot.org/story/24/10/21/1533228/linus-torvalds-growing-frustrated-by-buggy-hardware-theoretical-cpu-attacks
 Tell 'em, Linus!  Those paranoid freaks are ruining desktop computing!
 To keep my workstation free of these ridiculous "mitigations" I have
to devote some slightly significant time -- and I don't like it.
 At the very least, separate the desktop workstation from the public-facing
sever as these have COMPLETELY DIFFERENT "security" concerns.
 I am sick of these "the sky is falling" security-obsessed idiots.

well, the sky has just fallen, it's just that we pretend it is still there above :(

 

--
1) Resistere, resistere, resistere.
2) Se tutti pagano le tasse, le tasse le pagano tutti
MarioCPPP