Thumbs down do to the title of the video. Will block this user. This is a terrible title and clickbait good info on security, but the title is clickbait the video should be removed or re named
Thumbs down do to the title of the video. Will block this user.This is a terrible title and clickbait good info on security, but the title is clickbait the video should be removed or re named
"You don't need to know that much, only a little bit about programming"; proceeds to talk about complex hardware security architecture and it's flaws that can lead to complex side channel attacks on the cache and shows x86 assembly (assembly being the hardests programming language to read in a short amount of time). Lol. I learned this shit in my graduate computer science systems classes. I know we see it as simple, but other people see it for the black magic it is.
Although clearly an experienced and talented core kernel developer, this talk is mostly self-congratulatory about being "right" about something, aimed to boost his own ego for that reason. The technical parts are rushed, convoluted and difficult to understand even for programmers, and not explained well. He is not giving the talk in the spirit of furthering learning, he is giving the talk to further his own ego while attacking Linus Torvalds for being "wrong" once. There is no right and wrong, only shades of grey. You would not see Linus first taking a selfie in front of a room of people while congratulating himself about his work being all over the Kernel. I would not enjoy working with him despite his skills. His is quite childish.
I don't mind your critique, I just flew in from Lyon and had only 2 hours of sleep before giving this talk. I wasn't focused and gave a much better version of it at an Open Source Summit, but that wasn't recorded. I had a hard time focusing during the talk and was quite disappointed in my performance by the end of it, and was really just trying to get through it. My cracks at Linus was more for humor. If you took it as ego, I'm fine with that 😉
Such a good talk with a build-up tension and resolution, but he never really said outright whether any one of the kernel devs just confronted Linus and said, "Hey, you are hanging onto solution 3/4 just because it deletes your 1991 code? Isn' that a bit egotistical?" Steven left me the impression no one offered this argument, they only suspected it and then only offered technical arguments. I rather suspect not, because my CPU speculates telling Torvalds he is being egotistical could be met with a blank stare and crickets! Like telling Mike Tyson he punches a bit too hard.
I was thinking the same thing. If I was in the audience I would've asked something like "how much did you directly discuss Linus' motivations for preferring solution X over Y?"
Spectre and Meltdown are both a whole series of different related vulnerabilities. They effected at least: Intel, AMD, ARM, MIPS, PowerPC. But not: RISC-V and not Intel Itanium. At least RISC-V does things in a similar way but not all the things needed to hit into the problem. But in theory new designs of chips could have been affected too. Obviously they know about these things now, so it will probably not happen. Different processors series/types/models of each architecture were affected in different ways.
@@Drewitall54 You were right, AMD wasn't effected by Meltdown, even though it did effect some other architectures as well. On AMD Spectre it was 2 variants, but 1 of them was supposedly "near zero risk of exploitation" and did get fixes just in case. So if it causes a slow down, you are effected anyway.
Just one question here: Are we talking of a hardware bug, which was fixed at the OS level ? The most interesting question to me is : Did it HAVE to be fixed at the OS level, and why ? Is the only reason is because hardware bugs cannot be patched (And should they not ? ). I mean If I find a bug in a software, I don't build another software on top of it to fix the bug. I just fix the bug in the original software. Yeah, only question I really am interested in here. The why. If anyone ahs any reference on any study which develops on the question, I am very much interested into those.
The hardware bugs can be patched, as in: the way the hw works can be changed in subsequent products, but the fact is that you'll have all the machines built before the fix still be vulnerable to the exploit. In order to avoid (almost?) every x86 processor in the world becoming a security issue, you have to make a software workaround which fixes it. Sure, the hardware might perform a bit worse overall after the sw fix, but you don't have to bin (in some cases) millions of dollars of hardware to maintain data security/service uptime. This is my understanding of it... I might be wrong, though. Not the sharpest tool in the shed, me. XD
The reason is actually very simple. While new devices can have the bug mitigated any existing devices will bear it and there is no way to "patch" hardware without providing new hardware
Well, you can't fix physical things remotely. Meltdown/specter ARE bugs relating to hyperthreading. The actual cpu is bugged. Sometimes, when you run certain things, some programs can read data from other programs. By way of defective design of the cpu. The actual error is not in the software, but in the hardware of the machine. You run something that uses branch prediction and takes advantage of the way Intel designed hyperthreading and ooops... one unauthorized process can read data from a privileged/elevated process. Which shouldn't happen, but nobody designed for this. The way they suggested mitigating it is to disable hyperthreading. In other words, its unfixable. Other fixes include modifications at the OS level to NOT trust the cpu, which obviously increases the workload by about a quarter. I mean, its not like they can print you a new cpu. The worst part about it is that most modern intel cpus have been designed like this (meaning ALL), and will continue to suffer from this issue for prolly years to come. given that cpus are designed years in advance, and then you prepare the factory to make that cpu, and then you have to market it and sell it. So intel now has (or at least last year when i last checked) all but bugged cpus. Its a freaking disaster. To have to let the world know, the entire world is vulnerable. Its amazing Intel still exists...
Sometimes CPU flaws actually can be patched by microcode updates, other times the OS kernel tries to mitigate it. Early Pentium's had the F00F fp bug found shortly after launch and Intel replaced them under a warranty recall program. Software is often used to cover flaws in hardware, I had some frustration when an IDE patch which fixed a regression by reverting to set a hardware register like the older driver had done was NAKed by the new maintainer as it conflicted with the device documentation (which must have been incorrect, the original maintainer complained regularly about such issues, all I could do was record my disatisfaction with the regression not being fixed). Intel would presumably have to replace the old CPUs to fix their bug properly, which probably could not be manufactured anymore due to changes to the manufacturing process and new CPUs wouldn't function in the old motherboards, with some soldered not even socketed.
Not exactly a well prepared talk. Too chaotic and actually too much speculation on the motivation of Linus ESPECIALLY since he is "targeted" in the title. 5th talk my a$$ why should anyone care. Bad is bad.
Thumbs down do to the title of the video. Will block this user.This is a terrible title and clickbait good info on security, but the title is clickbait the video should be removed or re named
I want to have great respect for this guy. But rather than actually writing his own real time OS with a team of his own people. He is instead patching shyt linux.
Hardest stuff I've watched. Looking forward to coming back to it and understand more in six months or so.
Thumbs down do to the title of the video. Will block this user. This is a terrible title and clickbait good info on security, but the title is clickbait the video should be removed or re named
@@Adam01Time things of real value is our world is user value added NOT system value added.
Very informative. Great insights into the hardware bugs' issues.
Thumbs down do to the title of the video. Will block this user.This is a terrible title and clickbait good info on security, but the title is clickbait the video should be removed or re named
"You don't need to know that much, only a little bit about programming"; proceeds to talk about complex hardware security architecture and it's flaws that can lead to complex side channel attacks on the cache and shows x86 assembly (assembly being the hardests programming language to read in a short amount of time). Lol. I learned this shit in my graduate computer science systems classes. I know we see it as simple, but other people see it for the black magic it is.
I solved it through a hardware platform revision. An addition to the ATX standard.
How do they test this?
Using labs, with attack machines and targets. Basically a server that attacks itself.
Poor Linus :(
Although clearly an experienced and talented core kernel developer, this talk is mostly self-congratulatory about being "right" about something, aimed to boost his own ego for that reason. The technical parts are rushed, convoluted and difficult to understand even for programmers, and not explained well. He is not giving the talk in the spirit of furthering learning, he is giving the talk to further his own ego while attacking Linus Torvalds for being "wrong" once. There is no right and wrong, only shades of grey. You would not see Linus first taking a selfie in front of a room of people while congratulating himself about his work being all over the Kernel. I would not enjoy working with him despite his skills. His is quite childish.
I don't mind your critique, I just flew in from Lyon and had only 2 hours of sleep before giving this talk. I wasn't focused and gave a much better version of it at an Open Source Summit, but that wasn't recorded. I had a hard time focusing during the talk and was quite disappointed in my performance by the end of it, and was really just trying to get through it. My cracks at Linus was more for humor. If you took it as ego, I'm fine with that 😉
This is a much better talk, where I was actually awake.
czcams.com/video/JRyrhsx-L5Y/video.html
Yeah let's play with new toys, and let the user go to hell.
Such a good talk with a build-up tension and resolution, but he never really said outright whether any one of the kernel devs just confronted Linus and said, "Hey, you are hanging onto solution 3/4 just because it deletes your 1991 code? Isn' that a bit egotistical?" Steven left me the impression no one offered this argument, they only suspected it and then only offered technical arguments.
I rather suspect not, because my CPU speculates telling Torvalds he is being egotistical could be met with a blank stare and crickets! Like telling Mike Tyson he punches a bit too hard.
I was thinking the same thing. If I was in the audience I would've asked something like "how much did you directly discuss Linus' motivations for preferring solution X over Y?"
So Intel CPUs made Linux kernel less efficient. No wonder now Apple is going ARM.
Good thing I go with AMD
Spectre and Meltdown are both a whole series of different related vulnerabilities.
They effected at least: Intel, AMD, ARM, MIPS, PowerPC.
But not: RISC-V and not Intel Itanium. At least RISC-V does things in a similar way but not all the things needed to hit into the problem. But in theory new designs of chips could have been affected too. Obviously they know about these things now, so it will probably not happen.
Different processors series/types/models of each architecture were affected in different ways.
autohmae AMD wasn’t effected by meltdown, and was only effected by one Spector flaw
@@Drewitall54 You were right, AMD wasn't effected by Meltdown, even though it did effect some other architectures as well.
On AMD Spectre it was 2 variants, but 1 of them was supposedly "near zero risk of exploitation" and did get fixes just in case. So if it causes a slow down, you are effected anyway.
Its x86 thats the proprietary blocks
Just one question here: Are we talking of a hardware bug, which was fixed at the OS level ? The most interesting question to me is : Did it HAVE to be fixed at the OS level, and why ? Is the only reason is because hardware bugs cannot be patched (And should they not ? ).
I mean If I find a bug in a software, I don't build another software on top of it to fix the bug. I just fix the bug in the original software.
Yeah, only question I really am interested in here. The why. If anyone ahs any reference on any study which develops on the question, I am very much interested into those.
The hardware bugs can be patched, as in: the way the hw works can be changed in subsequent products, but the fact is that you'll have all the machines built before the fix still be vulnerable to the exploit.
In order to avoid (almost?) every x86 processor in the world becoming a security issue, you have to make a software workaround which fixes it.
Sure, the hardware might perform a bit worse overall after the sw fix, but you don't have to bin (in some cases) millions of dollars of hardware to maintain data security/service uptime.
This is my understanding of it... I might be wrong, though.
Not the sharpest tool in the shed, me. XD
The reason is actually very simple. While new devices can have the bug mitigated any existing devices will bear it and there is no way to "patch" hardware without providing new hardware
Well, you can't fix physical things remotely.
Meltdown/specter ARE bugs relating to hyperthreading. The actual cpu is bugged. Sometimes, when you run certain things, some programs can read data from other programs. By way of defective design of the cpu. The actual error is not in the software, but in the hardware of the machine. You run something that uses branch prediction and takes advantage of the way Intel designed hyperthreading and ooops... one unauthorized process can read data from a privileged/elevated process. Which shouldn't happen, but nobody designed for this.
The way they suggested mitigating it is to disable hyperthreading. In other words, its unfixable. Other fixes include modifications at the OS level to NOT trust the cpu, which obviously increases the workload by about a quarter. I mean, its not like they can print you a new cpu. The worst part about it is that most modern intel cpus have been designed like this (meaning ALL), and will continue to suffer from this issue for prolly years to come. given that cpus are designed years in advance, and then you prepare the factory to make that cpu, and then you have to market it and sell it. So intel now has (or at least last year when i last checked) all but bugged cpus. Its a freaking disaster. To have to let the world know, the entire world is vulnerable. Its amazing Intel still exists...
Tell me how will u patch millions of devices, plus i think that processors arent even ablw to be patched since theyre so delicate
Sometimes CPU flaws actually can be patched by microcode updates, other times the OS kernel tries to mitigate it.
Early Pentium's had the F00F fp bug found shortly after launch and Intel replaced them under a warranty recall program.
Software is often used to cover flaws in hardware, I had some frustration when an IDE patch which fixed a regression by reverting to set a hardware register like the older driver had done was NAKed by the new maintainer as it conflicted with the device documentation (which must have been incorrect, the original maintainer complained regularly about such issues, all I could do was record my disatisfaction with the regression not being fixed).
Intel would presumably have to replace the old CPUs to fix their bug properly, which probably could not be manufactured anymore due to changes to the manufacturing process and new CPUs wouldn't function in the old motherboards, with some soldered not even socketed.
What a terrible talk. Chaotic, disorganised full of tangents and simply disengaging.
Not exactly a well prepared talk. Too chaotic and actually too much speculation on the motivation of Linus ESPECIALLY since he is "targeted" in the title. 5th talk my a$$ why should anyone care. Bad is bad.
it's LINE-US not LEEN-IS
Wikipedia would disagree: en.wikipedia.org/wiki/Linus_Torvalds
@@alexdewar4018 There is incorrect information on wikipedia all the time bud.
czcams.com/video/5IfHm6R5le0/video.html
@@ChristopherGray00 I mean, you can listen to him pronouncing his own name here if you like: en.wikipedia.org/wiki/File:Linus-linux.ogg
@@alexdewar4018 Christopher represents the average non-free distro fanboy, getting information wrong being proud of it then blaming it on wikipedia
@@Ryan-xq3kl Welp, we cant blame him. Linus tech tips also pronounces his name like Læ-nus. So we can just help them whatsoever
Thumbs down do to the title of the video. Will block this user.This is a terrible title and clickbait good info on security, but the title is clickbait the video should be removed or re named
Dude it is the title of the talk. geez man did you expect linus to fight with him or something.
I want to have great respect for this guy.
But rather than actually writing his own real time OS with a team of his own people.
He is instead patching shyt linux.