Intel's security problems are not going away
 

Linux man warns

Chipzilla's security problems are not going away, Linux kernel maintainer, Greg Kroah-Hartman has warned.

Speaking to the assembled throngs at the Open Source Summit Europe Kroah-Hartman said Intel CPU's security problems "are going to be with us for a very long time" and are "not going away".

He added: "They're all CPU bugs, in some ways they're all the same problem" but each has to be solved in its own way. "MDS, RDDL, Fallout, Zombieland: They're all variants of the same basic problem."

Kroah-Hartman said that all the CPU bugs were potentially deadly for your security. RIDL and Zombieload, for example, can steal data across applications, virtual machines, even secure enclaves.

"The last is really funny, because [Intel Software Guard Extensions (SGX)] is what issupposed to be secure inside Intel chips [but, it turns out it's] really porous. You can see right through this thing."

To fix each problem as it pops up, you must patch both your Linux kernel and your CPU's BIOS and microcode. This is not a Linux problem, any operating system faces the same problem.

OpenBSD, a BSD Unix devoted to security first and foremost, Kroah-Hartman freely admits was the first to come up with what's currently the best answer for this class of security holes: Turn Intel's simultaneous multithreading (SMT) off and deal with the performance hit. Linux has adopted this method. But it's not enough, apparently. You must secure the operating system as each new way to exploit hyper-threading appears.

https://fudzilla.com/news/49677-inte...not-going-away