LWN: Comments on "Huang: Spectre/Meltdown Pits Transparency Against Liability"

Is the Second Law of Thermodynamics illegal?

flussence — Wed, 28 Feb 2018 22:43:26 +0000

I've seen creative types migrating away from Photoshop to using iPads, so I guess the performance is equivalent to those people. There's no shortage of other white-collar productivity software behind the aluminium curtain, and it's slowly becoming (if not already) a de-facto standard platform for lack of anyone else trying. Chromebooks aren't going to cut it as long as they're positioned as deliberately under-specced thin client toys.

Is the Second Law of Thermodynamics illegal?

Cyberax — Tue, 20 Feb 2018 09:28:03 +0000

ARM64 is not _quite_ at the level of the Intel mess, but it's definitely getting there. And it turns out that providing a few legacy features is not a big deal for heavily microcoded CPUs anyway.

I'm following the ARM64 server development and right now they are still not competitive with Intel on pure top performance or even performance per watt. The only niche that ARM servers are carving out is in custom devices that run specialized co-processor hardware, mostly because with ARM you can license a CPU and use it as a building block for your own silicon. For example, network firewalls with packet engines integrated into the same chip with CPU.

And I have a feeling that once ARM64 becomes as performant as Intel, it'll be in the same deep hole.

Is the Second Law of Thermodynamics illegal?

mjg59 — Tue, 20 Feb 2018 02:47:20 +0000

Have we seen evidence of desktop-class ARM chips that provide significant wins on power while providing equivalent performance?

Is the Second Law of Thermodynamics illegal?

flussence — Tue, 20 Feb 2018 01:40:31 +0000

There's a looming existential threat to Intel on the horizon: ARM64 becoming stable. Intel's castle is built on 40 years of legacy IBM PC cruft and other platforms don't have that kind of stability/predictability, at least not the ones normal people can afford. But now there's this push in server space to give ARM luxuries like ACPI and PCI.

Once it matures a bit I can see it being marketed directly to large enterprise customers as a desktop PC upgrade, playing up the angle of electricity/cooling cost savings.

Huang: Spectre/Meltdown Pits Transparency Against Liability

zlynx — Tue, 06 Feb 2018 19:39:58 +0000

That isn't Intel's fault. They've provided how many ways to separate things? At least four that I count. Operating systems could have implemented them and didn't.

Look at how quickly Meltdown patches were available. Based on code that had already been written but no one wanted to use because of performance issues. How is that Intel's problem?

I suppose Intel should have just stripped off backward compatibility and forced people to use the "correct" methods. Yes, that went over really well with Itanium.

Is the Second Law of Thermodynamics illegal?

dgm — Mon, 05 Feb 2018 16:44:07 +0000

So, is Intel "too big to fail" now?

Is the Second Law of Thermodynamics illegal?

immibis — Mon, 05 Feb 2018 04:49:04 +0000

Trust me, you do not want Intel to be sued out of existence. Everything depends on them.

I'm not saying they shouldn't be sued though.

Huang: Spectre/Meltdown Pits Transparency Against Liability

ballombe — Sun, 04 Feb 2018 14:19:07 +0000

My point is, if Intel architecture had separated kernel and user-space pointers, then meltdown would be a non-issue since there would be no way to cross the kernel-user boundary in the first place. By failing to implement basic protections, a small mistake become a major problem.

Is the Second Law of Thermodynamics illegal?

mpr22 — Sun, 04 Feb 2018 11:07:22 +0000

"Consumers" includes "people who play video games". People who play video games will certainly notice a 25% CPU performance loss.

Is the Second Law of Thermodynamics illegal?

h2 — Sun, 04 Feb 2018 02:05:38 +0000

To me this simply means that Intel et al were basically selling overclocked gear, that is, while it say, might have claimed 3.8 Ghz, it was actually only about about 2.8 or so. Similar in a sense to arguing that kids overclocking their cpus then burning them out and other negative results were somehow not accountable.

I take away from this this that in some areas, basically if you restore the safe practices, and get rid of the hacks, we're simply running cpus that are actually 75% of the speed they were sold as.

I've personally never needed any of the new speeds, sure, if I compiled all the time, but all one needs there is a secured box that only indirectly touches the internet, and a speed drop of 25% to restore safe parameters isn't really meaningful... to consumers..... now to corporates, and corporate types, it's a whole different ballgame, since they are using all the system capacity, otherwise they would be wasting their investment money, so it's clear why corporate linux is so unsure re how to handle this.

The easiest way it seems to me while waiting for the clever linux kernel, or bsd kernel, lads to have enough time to see if there is a good solution.

The notion that tech can just keep expanding and increasing speeds endlessly without consequence has always been a fantasy coolaid drunk best by those whose salaries depend on not questioning such notions.

Huang: Spectre/Meltdown Pits Transparency Against Liability

ThinkRob — Sun, 04 Feb 2018 01:42:34 +0000

I guess the counter to that counter is that there is some element of trust in any commercial transaction. At least in a legal setting*, there is a notion that while the purchaser of a good is responsible for making sure that the good does what they want, there are often exceptions made when there is a common understanding of what a good is supposed to do and that understanding is violated by a seller.

As an example: if you expect a pan for your kitchen to be non-stick, you need to check for that bullet point when buying it. If you expect a pan not to explode when you overheat it, well... you won't be refused relief just because you didn't run your own safety tests before using it. Why? Because no reasonable person would expect that behavior, and it's *so* far out of left field that nobody would ever think to check for that even if they did have a good way to do so pre-purchase.

Now in this case [Intel's] it gets tricky. The average person is so far removed (experience-wise) from even beginning to understand what the issue is and how to test for/mitigate it that I'm interested to see exactly how that argument would fly. I mean yes, it is reasonable to expect the CPU not to completely undermine (among other things) the ring 0/1 split... but it's only reasonable for us nerds. The vast majority of purchasers of Intel hardware have precisely zero idea what ring 0 even is, let alone how process separation should work.

My guess is that the lawyers simply wouldn't bother. There's plenty to be gained by them arguing that Intel failed to act responsibly by continuing to sell the CPUs with no warning *after* the vuln. was disclosed to them that I bet that anyone going after Intel would focus on that first. Seems like a cleaner line of attack.

---

* I'm not a lawyer. This is just my understanding from having read about consumer rights, the legal implications of warranties, etc. Also, I don't know much of anything about non-US consumer rights.

Is the Second Law of Thermodynamics illegal?

Wol — Sat, 03 Feb 2018 12:06:17 +0000

> If a seller knows about an issue with a product which can reasonably be expected to negatively impact the buyer, and yet proceeds with the sale under the pretense that there is nothing wrong, then that seller is committing fraud and should be held liable for any harm which may come to the buyer as a result of that issue.

If a seller uses that as an excuse to withdraw a product from the market, which then MASSIVELY and NEGATIVELY disrupts that market, causing extensive damage to the supply chain ...

Unfortunately, it's not black-and-white. What would happen to the computer market if Intel unilaterally stopped supplying processor chips to PC makers?

I can understand your frustration, but there's no point fixing one problem by creating a much bigger one ... and much as I don't want to buy chips that are known to be "broken" at point of sale, I want even less to throw half the supply chain on the dole.

This is basically down to our obsession with "cheap at any price".

Cheers,
Wol

Huang: Spectre/Meltdown Pits Transparency Against Liability

zblaxell — Fri, 02 Feb 2018 18:34:40 +0000

I am waiting to read the section of court transcript where plaintiff says

defendant should be liable because these assorted problems were well known in the art around 1973

and defendant says

...and you bought our chips in 2017. What's your point?

Huang: Spectre/Meltdown Pits Transparency Against Liability

ballombe — Fri, 02 Feb 2018 15:00:11 +0000

To me the big Intel failing is to have never implemented security features like separate kernel/userspace pointers that were available in high-end CPU twenty years ago.

Is the Second Law of Thermodynamics illegal?

teknohog — Fri, 02 Feb 2018 13:12:04 +0000

> I think Wol's comment is reasonably accurate if you remove the reference to Meltdown

I agree. There are two quite separate issues, so they should be discussed separately. Most of the criticism here is about Meltdown, and the fact that Intel knowingly sold faulty processors for some time before the fixes were available. I believe some of the criticism should also go towards the design/testing practices at Intel that allowed Meltdown to happen in the first place.

Not to sound like a broken record, but lumping Meltdown and Spectre together into one issue muddles the discussion and can be seen as Intel whitewashing.

Is the Second Law of Thermodynamics illegal?

excors — Fri, 02 Feb 2018 11:32:47 +0000

Meltdown seems easily avoidable (and is avoided by AMD), but Spectre doesn't (and isn't). I think Wol's comment is reasonably accurate if you remove the reference to Meltdown - that's merely a bug, whereas Spectre (in its most general form) is a pretty fundamental consequence of modern high-performance CPU architecture. Speculative execution necessarily means executing instructions before you know they're valid, and there's no way to ensure invalid instructions will satisfy the software's desired security properties (like not leaking secret data through covert channels), since those security properties are only defined at a much higher level and are invisible to the hardware.

Is the Second Law of Thermodynamics illegal?

teknohog — Fri, 02 Feb 2018 11:01:08 +0000

> these Meltdown/Spectre bugs appear to be an UNAVOIDABLE consequence of multi-threading/speculation/what-have-you. If we want our chips to run faster, then these information leaks are going to happen, and there is NOTHING we can do to stop them.

Yet somehow, AMD managed to avoid Meltdown altogether. By not speculating across permission barriers.

Huang: Spectre/Meltdown Pits Transparency Against Liability

nim-nim — Fri, 02 Feb 2018 09:28:29 +0000

There's a *huge* difference between disabling broken CPU features at boot, and advertising the result to prospective buyers without the disabled features, and silently selling for half a year hardware, that you know will need some form of major disabling later, without informing the people you're selling to.

Is the Second Law of Thermodynamics illegal?

balkanboy — Fri, 02 Feb 2018 04:46:25 +0000

Provided Intel executives aren't engaged in some late night document/file shredding sessions right about now, if the class action lawsuits discovery process shows they had even an inkling of what might be coming because of the way they architected the CPUs, namely sacrificing everything at the altar of performance - including security - rather than identifying and making reasonable trade-offs, then you can bet your bottom dollar they WILL be held accountable...

If that is the case - and I have little reason to suspect it's not - that they did in fact know of the potential damage their unsound CPU architecture could cause by documenting it somewhere in some footnote... then they deserve to be sued out of existence.

I think the fallout we've seen so far is just a tip of the iceberg and a preview of the multi-year shitstorm coming Intel's/our way.

Is the Second Law of Thermodynamics illegal?

nybble41 — Fri, 02 Feb 2018 03:48:17 +0000

> Are we demanding perfection in an imperfect world?

Maybe some people are. As for me, however, I don't expect Intel to accept liability for issues they didn't know about, or potential vulnerabilities which were generally believed to be non-exploitable at the time of sale. I am not personally a fan of mandatory warranties and feel that they *should* be able to disclaim all liability for risks of this nature (with the buyer's explicit agreement, naturally).

No, the only thing I believe Intel should be liable for is continuing to sell the vulnerable products after they became aware of the issue, without informing the buyers. If a seller knows about an issue with a product which can reasonably be expected to negatively impact the buyer, and yet proceeds with the sale under the pretense that there is nothing wrong, then that seller is committing fraud and should be held liable for any harm which may come to the buyer as a result of that issue. That is not making the seller responsible for events outside their control—"demanding perfection"—but rather holding them accountable for their own deliberate choice to withhold known information about the product from the buyer, information which was clearly relevant to the buyer's decision to purchase and use the product.

Is the Second Law of Thermodynamics illegal?

davecb — Fri, 02 Feb 2018 00:26:59 +0000

With respect, Bunny is doing nothing of the sort: he's aking for a chance to address problems *we have ignored since the 6130*. And yes, the Multics emulator on intel had to do handsprings to properly emulate the check-access-before-acessing logic of the 6130 and the DPS-8M.

Is the Second Law of Thermodynamics illegal?

Wol — Thu, 01 Feb 2018 22:36:25 +0000

Are we demanding perfection in an imperfect world? Too often, we demand certainty, when the laws of nature say that is impossible. We demand ZERO risk, when undertaking actions which are inherently risky (like walking down the street expecting not to drop dead of a heart attack).

Just because something is unlikely doesn't mean we can demand that it goes away.

I've said it elsewhere - these Meltdown/Spectre bugs appear to be an UNAVOIDABLE consequence of multi-threading/speculation/what-have-you. If we want our chips to run faster, then these information leaks are going to happen, and there is NOTHING we can do to stop them. We can try and mitigate them, but that doesn't seem to be enough for many people.

Unfortunately, if Society doesn't want to face up to the fact that "life is a terminal disease", then we have to try and educate them. And yes, I agree with a lot of what Huang says, but we have to try and educate the public that no, they cannot demand compensation just because nature does what nature does, and that when things like this go wrong it is unfortunately an inevitable consequence of doing those things.

Cheers,
Wol