Computer systems around the world are getting a raft of patches in the wake of the Meltdown and Spectre vulnerabilities. These low-level bugs affect many different CPUs and architectures, but Intel was hit harder than most. As the company starts rolling out patches, not everyone is happy with the quality of Intel’s work. In fact, original Linux developer Linus Torvalds has called Intel’s patches “COMPLETE AND UTTER GARBAGE.” He actually used caps lock, so you know he’s serious.
Spectre and Meltdown target some core features of modern CPU known as speculative execution. These features allow CPUs to “prime the pump” by doing calculations that may be needed in the future. Spectre and Meltdown abuse cache timing to leak information from the system. All you really need to know is these are serious vulnerabilities that are difficult to patch because of the low-level features they target. Google managed to come up with innovative means to patch its cloud services, but other firms have had issues.
Torvalds’ feelings on the Intel patch were made public in an email chain with Amazon engineer David Woodhouse. He takes issue with the content of the Spectre (variant 2) patch as well as the way it’s implemented on Linux systems. “Has anybody talked to them and told them they are f*cking insane?” Torvalds says at one point in the exchange.
The “insane” part, according to Torvalds, is that Intel has added redundant junk to the patch and made the entire thing optional. Administrators actually need to opt into the patch via a software flag when booting the system. Torvalds says this is because Intel’s Meltdown patch (known as “Indirect Branch Restricted Speculation” or IBRS) is so inefficient that rolling it out universally would cause substantial performance hits. In addition, Torvalds says many of the changes made by the patch are redundant when Google’s “retpoline” already provides protection.
As Torvalds points out, it looks like Intel’s approach to patching Spectre is to not patch it. The software flag is a weird half measure when we’re talking about such a serious flaw. Torvalds also complains that Intel seems determined to punt on the issue until it implements architectural changes down the road.
Intel has responded to Torvalds’ concerns without really saying anything — pretty standard for PR. The company says it’s “actively engaging with the Linux community, including Linus.” We’re not out of the woods yet, so it’s good we’ve got people like Linus Torvalds holding Intel’s feet to the fire.
Putting Glasses on Praying Mantis Reveals New Form of 3D Vision
Insects see the world very differently than we do, but researchers from Newcastle University in the UK now say that the praying mantis possesses one important element of human vision: It can see in 3D despite having a comparatively tiny brain.
Diesel Ban in Stuttgart: Beginning of the End?
High German court says Stuttgart, home to Mercedes and Porsche, can (not must) restrict diesel-engine vehicles. Market penetration by diesels might fall by half, to 25 percent.
The New Oculus Go Slashes VR’s Entry Price Without Gutting Quality
The new Oculus Go promises a standalone VR experience at a much lower price point. Early previews suggest it nails that balance.
‘Light Field’ Camera Maker Lytro Is Shutting Down
According to a statement on the company's website, the time has come to "wind down" operations. A recent rumor pointed to a possible Google acquisition of Lytro, but it looks like Google is only interested in snapping up the company's engineers.