Date: Sun, 9 Nov 1997 16:32:27 -0700 (MST) From: Charles Mott <cmott@srv.net> To: Chuck Robey <chuckr@glue.umd.edu> Cc: "Jamil J. Weatherbee" <jamil@trojanhorse.ml.org>, mika ruohotie <bsdhack@shadows.aeon.net>, perlsta@cs.sunyit.edu, freebsd@atipa.com, hackers@FreeBSD.ORG Subject: Re: IDT processors? Message-ID: <Pine.BSF.3.96.971109160819.24666B-100000@darkstar.home> In-Reply-To: <Pine.BSF.3.96.971109164923.27308B-100000@picnic.mat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 9 Nov 1997, Chuck Robey wrote: > Much of the performance improvement that's gone into _all_ modern CPUs is > dealing with pipelining, branch prediction, superscaling, all of which are > great places for subtle bugs. The inter-instruction dependencies can > drive you to drink. Seeing as we never noticed the bug at all, until a > few days ago, I can't see it's too much of a killer. I don't like it > much, but painting Intel as a big villain because of that is nonsensical. > Clearly, if it was that much of a major thing, you'd have noticed it > before now. There are better reasons to dump on Intel, that make much > more sense than this one. I think that crackers with shell accounts probably have been able to crash machines without benefit of the Pentium bug for some time now, although this latest exploit is simple and has the danger of becoming a fad. I think this could be bad for Intel, although I agree with you that it is wrong to paint them as the villain here. One can hope that rational thought will prevail. Generally speaking, if one allows users to execute arbitrary object code, there is always a crash risk. I think crackers are much more interested in exploits that either directly or indirectly lead to root access (packet eavesdropping, tcp hijacking, symlink attacks, stack overflow, race conditions, etc.) than simple denial-of-service attacks. Charles Mott
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971109160819.24666B-100000>