Meltdown and Spectre chip flaws

Predrag Punosevac predragp at andrew.cmu.edu
Fri Jan 5 17:46:15 EST 2018 

Dear Autonians,

Several of you have e-mailed me regarding Meltdown and Spectre
vulnerabilities. Instead of individual replays I will try to give you an
idea where the things are standing right now. 

These chip flaws more or less affect all Intel product since 1995. At
this point kernel hackers are scrambling to find "software patches" but
the only real remedy is replacing all affected chips with safe chips:
sparc, mips, arm, possibly AMD (not clear if AMD made i386-64 are
affected). As some of you know we use OpenBSD on our perimeter firewalls
which has KARL 

https://marc.info/?l=openbsd-tech&m=149732026405941

as well as the first widely used OS to provide ASLR (introducted 15
years ago)
https://en.wikipedia.org/wiki/Address_space_layout_randomization 


However it doesn't currenly have KASLR. That seriously limits our
exposure to the meltdown and Meltdown and Spectre but we are not 100%
safe. 

Anyway any "software patch" that you will soon see from Linux, OS X, and
Windows kernel hackers will introduce at least 5% pefromance penalty for
system calls non-intensive programs and close to 30% overhead for
anything file system/network related including things lake databases

https://marc.info/?l=dragonfly-users&m=151517909713575&w=2

I have on my desk Ubiquiti Edgerouter Lite ERLITE-3

https://www.amazon.com/Ubiquiti-Edgerouter-ERLITE-3-Desktop-Router/dp/B00HXT8EKE/ref=sr_1_1?s=electronics&ie=UTF8&qid=1515191230&sr=1-1&keywords=Ubiquiti+Edgerouter+Lite+ERLITE-3

which is MIPS based  and unaffected by the Intel bugs. I am monitoring
situation and will not hesitate do deploy MIPS based network solutions. 
For those of you who have one of ARMv7 devices at hand those seems to be
also unaffected by meltdown. 

https://www.openbsd.org/armv7.html

Finally we can definitelly recycle some old Sun hardware (sparc which is
also bigendian) the last of which I retired about 2 years ago. The last
seems to be the approach that Russian military and space forces are
taking by exclusively deploying home grown Elbrus sparc based computers
pionired by Armenian super computer architect Boris Babaian.

https://en.wikipedia.org/wiki/MCST

Best,
Predrag

More information about the Autonlab-users mailing list