Reasons to hate microcode updates:
* They enable companies to ship broken CPUs and fix them later, thus a CPU undergoes less testing (remember when software/games didn't have and worked fine without a day-one patch?)
* Theoretically a nation state actor could screw around with a CPU and have an internal microcode update to secure their own systems, or something else like that.
* It is a black box (at least with Intel) that is just another step of the war on general purpose computing, the tivoization of hardware.
On 09.01.2017 23:07, Taiidan@gmx.com wrote:
Reasons to hate microcode updates:
- They enable companies to ship broken CPUs and fix them later, thus a CPU undergoes less testing (remember when software/games didn't have and worked fine without a day-one patch?)
Well, I remember when an x86 CPU alone cost $1k. You should stop buying x86 if it's too cheap for your taste.
- Theoretically a nation state actor could screw around with a CPU and have an internal microcode update to secure their own systems, or something else like that.
They can have that much more easily by flipping a secret bit somewhere.
- It is a black box (at least with Intel) that is just another step of the war on general purpose computing, the tivoization of hardware.
Might be, but that's not how it started / why we have microcode updates.
These are all good reasons not to buy a CPU that requires black-box updates. But not against applying the update if you have such a CPU.
Nico
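Nico's closing point is that if you already own such a CPU, the update should be applied. The check a defender then wants is whether the update actually took effect, and on every core. The script below is an added example, not code from the thread or from coreboot: it parses the `microcode` field that Linux exposes per logical CPU in /proc/cpuinfo, derives the family-model-stepping signature that the intel-ucode directory uses for file names, and flags cores whose revisions disagree (the symptom of a late-load update that did not reach all cores). The sample cpuinfo text is constructed, and the `minimum` revision is a placeholder you would take from the vendor's release notes.

```python
"""Added example: check the microcode revision Linux reports per logical CPU."""
import os
from typing import Dict, List, Optional

# Constructed sample in /proc/cpuinfo layout (x86 Linux); the values are
# placeholders for illustration, not readings from any real machine.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 142
model name\t: Placeholder CPU
stepping\t: 10
microcode\t: 0xf0
flags\t\t: fpu vme

processor\t: 1
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 142
model name\t: Placeholder CPU
stepping\t: 10
microcode\t: 0xf0
flags\t\t: fpu vme
"""


def parse_cpuinfo(text: str) -> List[Dict[str, str]]:
    """Split /proc/cpuinfo text into one key/value dict per logical processor.

    Blocks are separated by blank lines; each line is 'key<tab>: value'.
    """
    cpus: List[Dict[str, str]] = []
    current: Dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():
            if current:
                cpus.append(current)
                current = {}
            continue
        key, sep, value = line.partition(":")
        if sep:
            current[key.strip()] = value.strip()
    if current:
        cpus.append(current)
    return cpus


def fms_signature(cpu: Dict[str, str]) -> str:
    """Family-model-stepping as 'ff-mm-ss' hex, the naming used by intel-ucode files."""
    return "{:02x}-{:02x}-{:02x}".format(
        int(cpu["cpu family"]), int(cpu["model"]), int(cpu["stepping"]))


def microcode_revisions(cpus: List[Dict[str, str]]) -> Dict[int, Optional[int]]:
    """Map processor number -> loaded microcode revision (None if not reported)."""
    revs: Dict[int, Optional[int]] = {}
    for cpu in cpus:
        if "processor" not in cpu:
            continue
        raw = cpu.get("microcode")
        revs[int(cpu["processor"])] = int(raw, 16) if raw else None
    return revs


def check_microcode(text: str, minimum: Optional[int] = None) -> Dict[str, object]:
    """Summarise revisions: do all cores agree, and are all at or above `minimum`?

    A mismatch between cores is the symptom of a late-load update that did not
    reach every core; a missing field means the kernel reported nothing, which
    is treated as 'not updated'.
    """
    revs = microcode_revisions(parse_cpuinfo(text))
    reported = [r for r in revs.values() if r is not None]
    all_reported = bool(revs) and len(reported) == len(revs)
    consistent = all_reported and len(set(reported)) == 1
    meets_minimum = minimum is None or (all_reported and min(reported) >= minimum)
    return {"revisions": revs, "consistent": consistent, "meets_minimum": meets_minimum}


if __name__ == "__main__":
    # Prefer the live file when running on x86 Linux; otherwise use the sample.
    text = SAMPLE_CPUINFO
    if os.path.exists("/proc/cpuinfo"):
        with open("/proc/cpuinfo") as fh:
            text = fh.read()
    cpus = parse_cpuinfo(text)
    summary = check_microcode(text)
    for n, rev in sorted(summary["revisions"].items()):
        print(f"cpu{n}: microcode {rev:#x}" if rev is not None
              else f"cpu{n}: microcode not reported")
    if cpus and all(k in cpus[0] for k in ("cpu family", "model", "stepping")):
        print("signature:", fms_signature(cpus[0]))
    print("all cores consistent:", summary["consistent"])
```

Run it as root or as a normal user; /proc/cpuinfo is world-readable. Pass `minimum=` with the revision the vendor's release notes give for your signature to turn the output into a pass/fail check suitable for a fleet inventory script.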
On 01/09/2017 04:28 PM, Nico Huber wrote:
On 09.01.2017 23:07, Taiidan@gmx.com wrote:
Reasons to hate microcode updates:
- They enable companies to ship broken CPUs and fix them later, thus a CPU undergoes less testing (remember when software/games didn't have and worked fine without a day-one patch?)
Well, I remember when an x86 CPU alone cost $1k. You should stop buying x86 if it's too cheap for your taste.
- Theoretically a nation state actor could screw around with a CPU and have an internal microcode update to secure their own systems, or something else like that.
They can have that much more easily by flipping a secret bit somewhere.
- It is a black box (at least with Intel) that is just another step of the war on general purpose computing, the tivoization of hardware.
Might be, but that's not how it started / why we have microcode updates.
These are all good reasons not to buy a CPU that requires black-box updates. But not against applying the update if you have such a CPU.
Very well stated. You could purchase a POWER CPU right now that wouldn't require signed microcode, for instance, or an ARM64 CPU that doesn't need microcode at all, but if you keep purchasing cheap x86 CPUs this is what you get. Not applying the manufacturer's microcode updates (which are still mostly horizontal microcode, basically logic level switches and some basic microprograms) only hurts security on such devices.
--
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com
On 01/09/2017 05:28 PM, Nico Huber wrote:
These are all good reasons not to buy a CPU that requires black-box updates. But not against applying the update if you have such a CPU.
Nico
Of course, which is why I warned the thread parent earlier in the email chain.
It seems a lot of people fail to appreciate the difference between works and works securely (aka without any significant errata).
I bought a 62xx Opteron instead of a 63xx Opteron because it works securely without microcode (according to various sources); unfortunately I am unemployed, or I would get a 7K POWER system (and pay for firmware development). I personally believe that cheap CPUs have ruined the internet ("Eternal September").
If anyone can give me one, I would appreciate a coreboot wiki editor account so that I can note that, as others said, it isn't made clear enough (and make a few other changes such as a supported features table and FAQ for the motherboards I have).
On Mon, Jan 9, 2017 at 2:09 PM Taiidan@gmx.com wrote:
Reasons to hate microcode updates:
- They enable companies to ship broken CPUs and fix them later, thus a CPU undergoes less testing (remember when software/games didn't have and worked fine without a day-one patch?)
That's actually not a very good reason. Companies ship broken hardware all the time. A company that has a microcode machine would be irresponsible were they not to allow the option of an update. Further, hardware is ... hard. It's simply not possible to catch every possible bug before it ships.
True story: when the Y came out, vendor abc used a Y-1 to check its floating point calculations. The machines were to stop when a difference in computations was found. The machines stopped. The Y-1 had a bug that the newer machine found.
Why did I not use names? Because I've heard this story from architects at just about every computer company. Hardware has bugs. Microcode fixes can work around the bugs. So it makes sense to take advantage of that.
- Theoretically a nation state actor could screw around with a CPU and have an internal microcode update to secure their own systems, or something else like that.
All kinds of things are possible in theory, but it seems to me you're making an argument against microcode, not microcode updates.
- It is a black box (at least with Intel) that is just another step of the war on general purpose computing, the tivoization of hardware.
This is pretty much the same argument. If you don't like the CPUs you are using, get different ones.
Given the use of a machine that has microcode, I don't think the opposition to microcode updates makes any sense at all. You're far more likely to be harmed by bugs in microcode than problems in a microcode update.