
Linus Torvalds: Speaks on Linux and Hardware SECURITY Issues

Linus Torvalds speaks on security issues with hardware, which have been causing vulnerabilities that are hard to fix and allow non-secure software to be created. How much is Linux affected by this? We’ll find out.


Useful Links/Commands:
Discord Link – https://discord.gg/zZD5q92
Summit – https://www.youtube.com/watch?v=cPvRIWXNgaM


by SavvyNik


34 thoughts on “Linus Torvalds: Speaks on Linux and Hardware SECURITY Issues”

  • Better make Linux NTFS .. Then it will boom .. Nobody likes Windows anymore ..

  • What about open sourcing the x86 architecture? For the RISC-V architects don't make the same mistakes.

  • Linux foundation spends only 2% of its revenue on kernel development. Maybe they should spend some money on hardware?

  • Why so serious Linus? You are not responsible for Intel, AMD or Qualcomm. CVE exploits, are not 'public' enough? What's missing? Spectre is an issue, new variants expand the base, proof of concepts recently announced for RISC mobile and Mali GPU, formation relating to driver and cache pointers. They're all speculative, all read cache or pointer/stack overflows, even oldest exploits ever made, going back forever, all started here! Only difference, having become microcodes in processor evolutions, instruction set extensions, which may be either patched.. or ignored.

  • What is he trying to say? I don’t understand a word he’s repeating over and over. Can someone translate?

  • Maybe someone has to write a book about the mistakes, so the RISC-V-team can avoid them.

  • "Speaks on Linux Hardware SECURITY Issues" – There is no such thing as Linux Hardware Security Issues. Either they are hardware security issues but then they are not related to Linux at all and will affect any operating system on earth or they are Linux issues but then they are not hardware issues as there is no Linux hardware, Linux is a software operating system kernel.

  • Why haven't they just implemented secure instructions that bypass caches, bypass pipelines and optimisations, and provide for a regular execution of code where needed? That way you can bypass all "non-linearity" where needed and enforce WYMIWYG and integral low-level access, and allow for optimisation and performance where there is no risk of compromise.

    Allowing secure code to go through the same paths as regular code and data is just a bit silly. Like he says, no matter how secure you make your code, if the underlying hardware is flawed or even a little bit undefined or nondeterministic, then we're screwed. Then you can't code your software to be secure, as it'll always be "interpreted" by the hardware.

    Abstraction can become a damn security risk.

  • Hardware security becoming more and more relevant makes me think about Apple’s platform where all devices up to and including an $11k+ Mac Pro are non-upgradable.

  • GNU/Hurd would have been better than GNU/Linux. He just became slave to the corporates.

  • The most "horrendous" thing about this secrecy is that mainly the people that abuse the problems are the ones that know about it, instead of the people that can and want to fix it.

  • Why is nobody talking about / promoting John Gustafson's "Beating Floats at Their Own Game". Risk5 should/can take the Lead in implementing the Quire, the Posits or/and the Unum_Number Format(s)!!! Don't let DARPA be the only one who is running with this free invention. Lot of spying is done in the unused Floating_Bits area!
    All the State(s) is/are penetrantly spying on subordinate and/or foreign citizens. THEREFORE They have their dirty fingers in Hardware development. This is specially annoying for Privacy of BTC owners; the Seed Phrases could be confiscated at any time on each modern smartphone!

  • No computer is secure – read Ken Thompson's Turing Lecture "On Trusting Trust." A simple attack if you've ever had your hands on the compiler, assembler or microcode.

  • Even if the hardware is open, the vulnerabilities that will be discovered in it, will still be NDA'ed.

  • At least RISC-V has the benefit of hindsight. Speculative execution exploits are now well known and understood. Trading security for speed will bite you in the ass. Security researchers will find you out. I don't expect this would be much of an issue for RISC-V unless its designers have their heads in the sand with an it'll be all right attitude.

  • Risc v isn't the solution. It is just a cheaper solution

  • Nik isn't Savvy enough to spell Linus' name right. His name isn't Linux LMAO

  • Linus has been frustrated for years. All he seems to do any more is complain.

  • looking at some comments and at how messed up the title is it's clear this guy is actually AI generating at least some of his videos. Always has been the linux fast food kind of videos but still.

  • An internet router like MIPS/debian-mipsel could be made but, rather than STM32, it would have a (debian blob compatible) CPU (RISC-V) as a Public-Domain (or somewhere between copyleft and GPLv2 could do, with AGPLv3 for network niggling details) Open-Source microarchitecture RISC-V CPU (expecting a Linux monolithic kernel to boot from 4 of HDD or SSD SATA with RAID10) in it and then some known-quantity amount of RAM like say 4GB in a (also unregistered RAM compatible and ECC) desktop/ECC-compatible RAM slot and a (also unregistered RAM compatible and ECC) desktop/ECC-compatible slot that can (optionally) take another 16GB (topping it up to 20GB if for some reason it needed to), and just make it DDR3 so it can choose between its unregistered and registered RAM settings.
    It would be 6G sim-card compatible even though it has ADSL2 via RJ11 ports near the 100Mbps RJ45 ethernet and the 8 USB ports (and a WAN and other port for straight-to-fibre) and it could have Wifi6 and Bluetooth 5.2 and pitch-roll-yaw accelerometer (like a wii-remote has) and a compass and LoRaWAN (RX and TX send and receive) and drivers for S-Band and Ku-Band and software-defined-Radio GNU radio with slowscan TV mode for data. It would have a PCI-e 4x slot at Gen3 to be able to take a better NIC card with VMDq and SR-IOV if better ethernet speeds are needed compared to the 100Mbps LAN (not WAN) ports. It would have an IEEE1284 (bootable) and a couple of Serial COM ports to remote into it, and a JTAG and MIPI interface. However, the 100Mbs RJ45 Lan ports on it would be deliberately there for a small driver. An interface to add PoE would be there but you would need to add it later. The RJ11 would also be able to plug in VOIP device, again to add later, keeping cost down. It would have a circuit to detect a battery added later even though it does not come with one and instead, in a power-outlet, would work in a mains electrical plug socket (wall wart).
    Then (and this is the important bit) basically just give it (via some whip-round) to the Linux Foundation and ask Linus to say what he wants from the instruction set in the RISC-V CPU. Ask Stallman too (if he can do). The router RISC-V CPU would be unlikely to have better processing than say an A53 with protection-rings. So commercially available routers would be able to make glitzy fancy routers with other features without this open-source router displacing their market value. This open-source router instead would be designed to be solid and do a workman like job and nothing particular fancy. It simply has that 6G and Bluetooth and WiFi at that reasonably modern level so that it continues to work well enough for many years to come. It would also expect to take a MFA FIDO2 hardware security key in a USB port just in case that helps things in future projects. It would probably need some of the USB ports to be capable (or upgradeable) of being USB3.2 with decent power (converting to or from USB-C).
    Linux is not pronounced like his name 'Linus' (a running in-joke for geeks), so the router should have a naming convention along those lines (being deliberately slightly inaccurate) as with its default Operating System distro. So the Distro could be called thr34k because it is like 'freak' (the previous candidate name for Linux) but spelt wrongly as though it is the number but then the letters are post ironically switched to numbers just to be even wronger. The router itself could be called "Lee Noose" because it is about time, once again, that we all came up with yet another wrong way to say his name.
    The router should have a couple of interfaces to allow the user to optionally plug in a couple of 128×32 pixel monochrome LCD screens. The CPU could be called the "St. All m'Anne" (because it is a corruption of Richard Stallman). We'll just have to come up with a reason why it is like that and never actually admit it to Stallman (or Torvalds for his one) as to why the name of the CPU is that. We'll say perhaps that The name represents a saint of everything (i.e "all") associated with my Anne. So, let's assume Anne is some person or whatever, and she is "my Anne" like maybe she is betrothed or something. So it means "The Saint of everything pertaining to my Anne" when it is written "St. All m'Anne". It's a stretch but without it, somebody will need to come up with something better. Anne will be represented in a cartoon avatar sticker stuck on the router and then can be a character in SuperTuxKart because mascots need to exist for as many GNU linux things as possible. That avatar and the "Lee Noose" avatar will probably be some sort of fluffy mascot other people haven't already used, rather than an actual human.
    It would have a 2nd CPU socket just in case it struggles. The RISC-V should have an FPU in it.
    The point is that it would become popular enough without flooding the market and Stallman and Linus would simply be able to tell the makers in advance what they want from it. It probably would be able to take a modest low-power graphics-card in the PCIe slot and run it as a server with a GUI or desktop computer but that is not the main focus of it. That does mean however that if there is a desire for a "safe option" CPU, the router would have established it, even though it would be quite a tame CPU compared to actual laptops, smartphones and desktop computers (and big-servers). Thereby when people make other (fancy) RISC-V CPU chips (be they public domain or not), they can have the point-of-reference to know what basic little CPU other people are already happy with looks like.
    The router will have a target audience like the One-Laptop-Per-Child project in the past, (so you can buy one in USA, UK and so on and the increased price) but displaced people (with an identity card) who want to get one can buy or earn one such as if they set up a business like a coffee shop or something like that (or they maybe just want to use it in their dwelling on as a carputer but on a bike). The router (essentially with a ALSA compatible 24-Bit soundcard with MIDI on it) would have a mic-in and line-in (both stereo) and a stereo line-out just in case not having one causes a problem with VOIP somehow later. It would expect ogg-vorbis-theora even though it could probably do other things. Having MIDI (a joystick port) is useful but is there to ensure linux has a go-to MIDI standard just in case somehow the sound-card existing on the router (largely for VOIP) encounters a problem as a result of not having MIDI.
    If Torvalds and Stallman refuse to take the money to do it, have some other bargaining chip they are after to incentivise them to do it for that reason. There must be something. The benefit everybody else would have is that it would save a whole bunch of ballache regarding computing-ambiguity (especially pertaining to the deciduous nature of Reduced Instruction Set Chips) and would brighten up these grumble-pill videos of two blokes sitting on 2 chairs like something out of a year 2000 Public Access TV channel show.
    My comment has no hate in it and I do no harm. I am not appalled or afraid, boasting or envying or complaining… Just saying. Psalms23: Giving thanks and praise to the Lord and peace and love. Also, I'd say Matthew6.

  • I wonder how many years it will take that the hardware manufacturers start adding such bugs intentionally with the intention to reveal them to the public some years later to boost new hardware sales, as everyone wants to update their old hardware to non-buggy new ones. I would be surprised if this hasn't been discussed some years ago already in some of the hardware companies.

  • Linux Torvolds? Maybe proofread your titles?

  • That sounds like quite simply if you're going to do something complicated in hardware, it needs to have some controls in software so the knobs can be turned in case something goes fucky wucky.

    You'd think that's common sense.

    I have coded in Python and JS and NASM and done an FPGA and a virtual implementation of RISC-V. I would love to hear specific things that RISC-V should learn from its predecessors. It's not quite perfectly pure hardware but it's surprisingly closer than x86 or ARM and was dramatically nicer to build.
