"More Secure" Architecture?

jardows

2[H]4U
Joined
Jun 10, 2015
Messages
2,348
So, in reading comments under Linus Torvald's statement regarding CTS-Labs AMD "report," one comment that came up was this:

Security died long ago when IT community decided to abandon the support of non x86 platforms in general and decided to move just into one direction.

Just got me curious, what architectures might this poster have been speaking of? With Meltdown/Spectre, IME, and other such CPU security issues of the last year or so, might this be an area where Power could make a play?
 
Pushing a heavily x86 user base toward other platforms invites dynamic recompilation.
Crusoe pretended to be x86, but wasn't, and relied entirely on recompilation to fake it.
Emulator packages with less cooperation from the hardware did similar for Power, iA64, and Alpha.
Like speculative execution, I'm sure its quirks could be exploited to extract information if not break in.
 
Last edited:
Diversity is a form of security. That's really the only reason that OS X is "more secure" than Windows.

If every lock in the world is a Masterlock, and you find a skeleton key - you can open every lock in the world.
 
Still using Alpha's at work with OpenVMS which used to be the standard for security (used in nuke plants, banking networks, stock exchanges, etc).. but they're long obsolete and being replaced this year with Xeon processors running Windows Server under ESXi. Seems like a step backwards, but unfortunately necessary.
 
Meltdown and Spectre depend on speculative execution in out-of-order (OoO) CPUs. In-order CPU:s don't suffer from that.

ARM CPUs come in both varieties. Cell phones SoCs usually have both fast power-hungry OoO cores and slow in-order for saving power. The Raspberry Pi family has in-order cores only where as for instance the Asus Tinkerboard has a OoO CPU. The Tinkerboard is about 30-100% faster in benchmarks than the RPi 3B at the same clock speed though ...

The Mill architecture is still not in silicon, but it looks like it is safe from those attacks. Like the IA-64 it is intended to be an in-order machine but is supposed to be as fast as an OoO machine with the help of some smart architecture ... and a smart compiler. The company behind it released a statement:
https://millcomputing.com/blog/wp-content/uploads/2018/01/Spectre.03.pdf
 
The true demise of security is not quite knowing how encryption works, or if it's truly secure.
If you encrypt, I bet you never even read the entirety of the code that does the encrypting.

I do not trust even AES-256 or 512 or 1024 or whatever else.

Why? Backdoors.

Of course Joe Haxor can't get in, but that's not *really* who will end up being able to gain access to our personal computers. It's Mr. En Es Ay who will actually be able to silently break in. And so if you don't understand or verify the encryption algorithm and its implemented code, then there's no point in even using it at all. The only force that would be able to get in has access to massive data centers for force-decrypting, as well as backdoors. Oh, and heavy wrenches. ;)

Security died when complacency and convenience superseded comprehension of complexity.

These same issues plague internet networking just as much. No matter if it's TOR or HTTPS, there's no way to *truly* know if it's secure. And even if some wizard checked, it's not like anyone can just believe it. We need to understand the implemented code for true verification to happen, and then trust that the implemented code is what's actually running.
 
Been using AIX and PowerPC since the late 2000’s. My first exposure to IBM PowerPC was Power4 Processors and AIX 5.1. Wish I could run AIX at home. I prefer AIX to any Linux distribution at this point.

One thing I will say about x86 is that virtualization is much simpler on x86 compared to PowerPC. The near vertical wall learning curve that is PowerVM was very difficult coming from x86/VMWare early on. That being said, I wasn’t nearly as affected by Meltdown/Spectre as my coworkers on the x86 side of the house.
 
Back
Top