Furry Technologists

1286 readers

3 users here now

Science, Technology, and pawbs

founded 1 year ago

MODERATORS

[email protected]

Intel 'Downfall': Severe flaw in billions of CPUs leaks passwords and much more (www.pcworld.com)

submitted 1 year ago by [email protected] to c/[email protected]

14 comments fedilink hide all child comments

cross-posted from: https://lemmy.world/post/3115044

Oh no.

top 14 comments

sorted by: hot top controversial new old

[–] [email protected] 9 points 1 year ago (1 children)

im honestly not really surprised anymore. i fully expect to see a lot more of these types of bugs in the coming years

[–] [email protected] 4 points 1 year ago (3 children)

Just wait for quantum computers to take off, our current encryption can be broken with them

[–] [email protected] 5 points 1 year ago (1 children)

our current public key encryption will be broken. symmetric encryption will be fine

[–] [email protected] 1 points 1 year ago (1 children)

Yeah but just think of all the work that needs redoing to the encryption systems around the world.

Also someone could intercept and save data that has been encrypted with our standard method now and wait for quantum computing to crack it

[–] [email protected] 3 points 1 year ago

*NSA data centers have entered the chat *

[–] [email protected] 2 points 1 year ago

absolutely. a lot of currently in use public key schemes may be broken with those. more recently there have been a few newer algorithm such as kyber that do have a chance to hold. think NIST is also holding a bit of a competition, but dont quote me on that. i really dont know alot about post-quantum crypto

[–] [email protected] 1 points 1 year ago

I'll see your quantum computers and raise you electronic analog computers.

[–] [email protected] 7 points 1 year ago

Passwords are becoming speed bumps, not road blocks.

[–] [email protected] 5 points 1 year ago

What kinds of workloads are affected?

Is there a way to not install this update? I’m the only person who uses the desktop in my home.

[–] [email protected] 2 points 1 year ago (1 children)

I'm glad I'm running AMD CPUs on the computers I actually use for anything that could be considered sensitive.

[–] [email protected] 1 points 1 year ago (2 children)

Are you sure AMD CPUs are safer?

https://arxiv.org/pdf/2108.04575.pdf

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

If the vulnerability is part of a feature designed for niche use cases, then it's far safer than one that affects general use. I highly doubt most people are going to run virtual machines, plus the main target is server hosts that use VMs to run multiple servers of the same type on the same box. I might run a VM at some point in the future, but when I do I'll take steps to avoid any issues, like only enabling virtualization in the first place when I need it. Sure, that means I need to boot into the UEFI before and after every time I run a VM, but that's not an issue on the system I'd be running it on. And I'd rather have that inconvenience than have to worry about a vulnerability at all times.

In short, it's a matter of risk management.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

At this point, I almost feel like we need to start over with the idea of pipelining in CPUs, as though it were some kind of original sin. The fact that the most basic of errors in pipelined logic are referred to as "hazards" should have been a hint.

(Edit: only half kidding)

[–] [email protected] 0 points 1 year ago

What a shitshow.