OpenBSD mastermind Theo De Raadt saw this intel meltdown coming a decade ago

marc.info/?l=openbsd-misc&m=118296441702631&w=2

>At this time, I cannot recommend purchase of any machines based on the Intel Core 2 until these issues are dealt with (which I suspect will take more than a year). Intel must become more transparent.

Who?

Theo was right, and ironically, so was minix creator Andrew S. Tanenbaum.

JUST MAKE A TWITTER ACCOUNT SO I CAN GET NONSTOP BANTS YOU FUCK

>TWITTER
for what purpose

youtube.com/watch?v=2Eo-8ZDaTb0

not to take anything from what theo said but anyone with half a brain saw this kind of shit coming considering how bloated modern x86 is

So I can get my dose of theo going off whenever I want

try again

I wish Theo, Linus and RMS would have a sickbantz podcast where they lambast fucktardery at full force. I would pay good money to listen.

they'd just fight

Friendly reminder that OpenBSD supports multiple architectures, not only the most common ones.

alpha Digital Alpha-based systems
amd64 AMD64-based systems
arm64 64-bit ARM systems
armv7 ARM-based devices, such as BeagleBone, BeagleBoard, PandaBoard ES, Cubox-i, SABRE Lite, Nitrogen6x and Wandboard
hppa Hewlett-Packard Precision Architecture (PA-RISC) systems
i386 Standard PC and clones based on the Intel i386 architecture and compatible processors
landisk IO-DATA Landisk systems (such as USL-5P) based on the SH4 cpu
loongson Loongson 2E- and 2F-based systems, such as the Lemote Fuloong and Yeeloong, Gdium Liberty, etc.
luna88k Omron LUNA-88K and LUNA-88K2 workstations
macppc Apple New World PowerPC-based machines, from the iMac onwards
octeon Cavium Octeon-based MIPS64 systems
sgi SGI MIPS-based workstations
sparc64 Sun UltraSPARC and Fujitsu SPARC64 systems

>not having *.twitter.com/twitter.com route to 0.0.0.0
Holy shit you're awful

>loongson
so does that just mean the shitty RMS netbook pretty much, or does that include Lemote's current and future stuff?
>sparc64
Does that include Oracle SPARC?

OpenBASED

>they'd just fight
And it would be completely fucking amazing.

Theo already destroyed Stallman once.

marc.info/?l=openbsd-misc&m=119750352332512&w=2

i wouldn't be surprised if loongson goes away in the next few releases

They also roasted Linus at least once over security.
No link.

That's ok, because they have Loongnix, and it's gonna win the unicorn!
?

Processors have had bugs since always, this statement shows zero 'insight'.

Meanwhile OpenBSD hasn't even patched this fucking hole yet, from the OS claiming to be all about security, what a fucking failure they are, even Windows has patched it.

How do I start using OpenBSD on my ThinkPad? There's shit tons of information on Linux, but BSD is generally very obscure. I'm afraid of being left in the wild.

Also, I thought FreeBSD was the usual choice.

Linux has been patched for days, OpenBSD is still wide open and can't even give an estimate for when the patches will arrive.

SO MUCH for OpenBSD security.

burn installXX.iso to a CD or write installXX.fs to a USB drive and install it from there

consult the FAQ and various man pages whenever you're lost

>OpenBSD mastermind Theo De Raadt saw this intel meltdown coming a decade ago.

Saw this coming a decade ago, still hasn't patched his OS, which Linux and Windows have, heck even one-man-show OS DragonflyBSD has done that.

Theo is a cuck and so is his shitty OS.

> but BSD is generally very obscure. I'm afraid of being left in the wild.

Come on man, the information is there, ThinkPads are very popular among OpenBSD developers.

Just a simple google search

link?

What? He knew that the hardware manufacturers were turning out bad designs, not that this specific exploit existed

>even one-man-show OS DragonflyBSD has done that.

From their website
>Note that Spectre is not mitigated by this commit series, and as I understand it, cannot be realistically fixed in software.

Why are you so desperate to spread FUD? Oh right, you're just desperate to say whatever shit you can about things you don't understand.

some people here have a huge hateboner for theo

>link?
??

>Note that Spectre is not mitigated by this commit series, and as I understand it, cannot be realistically fixed in software.

He patched Meltdown, Spectre is NOT something you can fix at the OS level, unlike Meltdown it's also much harder to exploit.

OpenBSD hasn't patched Meltdown, the by FAR most dangerous exploit.

OpenBSD for security is obviously a laugh.

By the way this is the current mailing list thread about the Spectre issue.

marc.info/?t=151498459200002&r=1&w=2

Apparently SPARC and risc-v are the future for free and open hardware

Anyway, can someone please explain to me what this guy means by "embargo period"

>So I will be most interested to see the OpenBSD take on this after the embargo period is over.

Intel thinks keeping a lid on the vulnerability means people won't know how to exploit it

openbsd has always been a joke in terms of security. I bet they still lack basic shit like TrustedBSD MAC system.

OpenBSD's security is literally only measured by how secure their mediocre "base system" is.

>OpenBSD runs on multiple platforms that are not affected by this bug
>it's a joke

Joke's on you, my OpenBSD/elbrus system doesn't have this problem.

It's hilarious, if you want the best security BSD, you need to run DragonflyBSD, which basically has ONE developer.

The BSDs are indeed dead, nothing but a carcass from which some companies take code to make proprietary systems.

>Spectre is NOT something you can fix at the OS level

you can realistically fix it with different binary output from the compiler, like "retpoline".

or I could literally run a proper Linux based distribution with strict SELinux policies and not be limited to memeware garbage and shitty implementations of basic software.

>or I could literally run a proper Linux based distribution with strict SELinux policies and not be limited to memeware garbage and shitty implementations of basic software.
That's what he was implying...

ok.

I'm just tired of these fucking edgy homos who are all uppity about their shitware.

MUH POSIX COMPATIBILITY
/bin/sh only bro
*BSDs are good and i'm ignoring the fact that I'm running a fucking Linux DRM subsystem so I can have a functional Xorg.
musl libc is so good, even if it doesn't properly resolve dns and fails to parse /etc/resolv.conf correctly literally all the time.

just fuck off and kys you fucking edgelord kiddo fucks.

...

What are you even trying to say bro ? Have some coffee or something.

>musl libc is so good, even if it doesn't properly resolve dns and fails to parse /etc/resolv.conf correctly literally all the time.
Dude, wat

>I would bet a lot of money that at least 2-3 of them are.
Wew man
Imagine if he actually bet his money

I highlighted the relevant part of the post
there WILL come a day when an exploit won't be patchable in software. at that point, the internet could implode.

the neurotic guy behind OpenBSD

no doubt he's an unpleasant person, but does he know security! I would trust him with my PC

for the base (text)
openbsd.org/faq/faq4.html
then google how to install OpenBSD and your favorite desktop environment (gnome, kde, xfce, MATE, whatever)

I don't think nation-state agencies like NSA, FSB, or PLA advertise those kinds of capabilities. they're not interested in your pepe collection, but they either already have the capability, or are working on how to.

>no doubt he's an unpleasant person, but does he know security! I would trust him with my PC

Why ? OpenBSD hasn't even patched Meltdown yet and no word as to when it will happen.

Meanwhile practically every Linux distro is patched, and even fucking Windows.

it'll be done eventually. I think he really wants to test this and make sure it works. also they were the first to implement NX bit in software (W^X) before it was even implemented in hardware. they also have this innovative idea of randomizing modules order in the kernel at every boot to mitigate against kernel exploits
theregister.co.uk/2017/06/19/thats_random_openbsd_adds_more_kernel_security/

Currently running a landisk machine with NetBSD.
AMA

I hope you enjoy your ecosystem bro. Vive la différence.

Open Based are probably researching the full implication, they aren't a big cloud hypervisor, they are what they are. You can always trust OpenBSD.

>so was minix creator Andrew S. Tanenbaum.
What? How?
Microkernels need several orders of magnitude more syscalls than monolithic kernels. If we had all infrastructure based on microkernels, the slowdown from Meltdown patches would be around 90% (and that's still optimistic).

>it'll be done eventually.

No shit Sherlock, meanwhile OpenBSD is wide open to be exploited.

>microkernels need several orders of magnitude more syscalls than monolithic kernels
are you shitting me? you can usually count syscalls of microkernels on fingers, loonix and unix OSs have orders of magnitude more syscalls than they need. Sure you can theoretically make monolithic kernel with 7 or less syscalls, but that's not reality we live in.

>The BSDs are indeed dead, nothing but a carcass from which some companies take code to make proprietary systems.
so this is the power of pushover (non-copyleft) licenses!

I doubt anyone running OBSD in important production would be trusting intel arch anyway. I certainly didn't.

this looks pretty interesting
bsd.network/@phessler/99291274119329309
>OpenBSD's syscalls are actual syscalls with context switches, instead of a shared memory region between kernel/userland
>Q: oh, so this fix that causes between 0.2% and 50% performance hit, you've had it from the very beginning?
>A: yup, this is why people were complaining about some apps being super slow.

openBASED

Lincux fuck up again.

Microkernels have to do less syscalls since there's more system modules implemented in userland. You don't know how microkernels work, please refrain from posting again.

Welp time to switch to BSD

marc.info/?l=openbsd-tech&m=151521435721902&w=2

2018 IS THE YEAR OF THE RISC PROCESSOR

AT LAST ITS TIME HAS COME

>syscalls with context switches
Nice overhead they got there (if it's true)

"Destroyed" is a massive overdramatization of what actually happened. If you actually read the thread you would realize this.

Probably they fucked up with the wifi handshake bug.

Why not openbsd?
I want to switch but i can't decide if open or net

Less autism.

That's it?
What about performance, ease of use, documentation, applications...?

why not just running everything in ring 0 without any overhead

...

Terry was right.

Does meltdown even affect openbsd? I thought they had always (since the original BSD on the VAX) had separate maps for each process and kernel, with a full syscall to get from userland into the kernel? That's one of the reasons it's always been slower than linux and windows.

The reason is because Intel and the research team have refused to provide them with the details, as they did with the other major OS developers. This has been in the works for multiple months. It just leaked a couple of days prior to the patch. Stop blaming the OpenBSD devs for Intel's fuck up.

marc.info/?l=openbsd-tech&m=151521435721902&w=2

>which I suspect will take more than a year
>a year
>2007

Because there’s minix running on almost every home computer.

>almost every home computer use intel skylake+ cpu
Fuck that bs.

Only in theory. In practice it doesn't work on half those platforms, barely on half of the remaining ones, and poorly on the rest (for example only partial or even no support for modern CPUs on that arch, where modern means "made in the past decade").

We did it guys!

>bugs
lmao
designed into substrate since '96

>hidden for 20yrs
lol for your protection goyim
blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation.pdf

I'm not even surprised by this.

you don't run openbsd if you don't like some overhead, dude

they would run at 100% CPU load if that meant being invincible against every kind of attack

This, openBSD is NOT meant to be light on the system, it's following the standard tinfoil philosophy of security first, everything else later
don't forget these guys designed openSSH and openSSL after all
BSDs in general can only be compared with Gentoo imo, in the manner that if you don't like compile times, or can't support them, don't bother
Also BSDs are more geared towards engineers, unlike Linux and other OSes

also the fact that DFly received a patch first might be explained by the fact that it's an AMD64 ONLY operating system.

OpenBSD has all the portability to deal with, and the bugs exist on more than one arch.

>memeware garbage and shitty implementations of basic software

Anybody who describes anything as “memeware” should immediately be disregarded in any kind of discourse.

Skylake is but one of many. Stay ignorant.

Why should you "switch" when you can boot either or both and choose one or both or neither?

Where did the "switch" meme come from? I run many OS and it cost me nothing. Now I'll go see if BSD makes for a usable desktop. That doesn't mean "switching" because only what I need to be secure needs to be secure.

It's been stated many times in openBSD mailing lists that they'd rather arrive late to the party with a well-thought-out and concise patch, rather than an ugly hack that will undoubtedly remain there and never really get fixed properly

SPARC isn't open source hardware. Only RISC-V is alright.
>embargo period
That's the period of time where only megacorps and the NSA are allowed to know about an exploit, but no one else is.

MSI doesn't care apparently
forum-en.msi.com/index.php?topic=297707.0

he has not said anything about these new bugs yet.

Reminder that OpenBSD is a security nightmare and you should be using NetBSD instead.

the installer has a good tui that makes installing it easy and you just need to add the ports tarball and use pkg_add to install programs and syspatch to install updates.

>openBSD is a security nightmare
>use netBSD

Not that user but I'm one of the NetBSD devs and while we would definitely be way further along with Theo, we have still come a long way. We're still better than Linux, Windows, and macOS.

I can't know about you being a netBSD dev but Theo aside, any of the BSDs is way ahead of any other OS in my eyes
netBSD splitting is for the best too imo, since now we have a pure security autismo OS

being better than shit isn't much of an accomplishment