[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / r / s / t / u / v / vg / vr / w / wg] [i / ic] [r9k / s4s / vip / qa] [cm / hm / lgbt / y] [3 / aco / adv / an / asp / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / qst / sci / soc / sp / tg / toy / trv / tv / vp / wsg / wsr / x] [Settings] [Home]
Settings Home
/g/ - Technology

Thread archived.
You cannot reply anymore.

File: 1510623433473.jpg (19 KB, 463x302)
19 KB
So now that x86 and arm are about to die due to security flaws, what architecture will we start using? Power9?
I don't think you can trust other CPUs either. They've just become too complex and too focused on performance.

I think the solution is to stop trusting CPUs altogether. When having untrusted local users or virtual machines, security completely depends on the CPU correctly separating the different users. Even when you don't have untrusted users, it still acts as a layer of defense.

I don't think this should be done anymore. It can still complement other defense layers, but it shouldn't be depended on by itself alone. CPUs should never be allowed to execute arbitrary machine code. Only code generated in a trusted manner should ever be allowed to hit the CPU. There were systems like this before where compilers were privileged programs and they were tasked with not generating code that violate the security of the system. Ordinary programs were not allowed to make executable files or jump to arbitrary code they might have generated themselves, etc.

Doing this on current OSes would be a bitch though. Even just getting the base system to work like that would be pretty hard. Then you'd to design something to make all of programs with JIT compilation work and keep that secure (e.g. browsers). And it would make sense for virtualized containers, but it would be a problem for full VMs. The whole point of them is to let users do whatever they want within them.
inb4 specialised-hardware moves to ASICs
What did I miss?
You mean Intel's x86 CPUs.
AMD is fine.
AMD X86 is based on intel, genius

AMD64 is fine though

Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.