[HN Gopher] On "I don't trust microcode"
___________________________________________________________________
On "I don't trust microcode"
Author : ignoramous
Score : 23 points
Date : 2023-01-30 13:45 UTC (9 hours ago)
(HTM) web link (patrick.georgi.family)
(TXT) w3m dump (patrick.georgi.family)
| slackfan wrote:
| The something or other axiom: Updates to most software have been
| inevitably harmful to any original user of that software. That
| goes for programs, that goes for microcode.
| mouse_ wrote:
| Cybersecurity and updates in general are mostly gaslighting.
| Not entirely, just mostly. Look to South Korea's banking
| situation for a flanderized example.
| zabzonk wrote:
| i really don't think this guy understands what microcode is, if
| he does, this article doesn't explain it.
|
| and if you are not going to trust microcode, what else are you
| not going to trust - logic gates, transistors, electrons?
| gruez wrote:
| >and if you are not going to trust microcode, what else are you
| not going to trust - logic gates, transistors, electrons?
|
| The article is unequivocally _pro_ microcode. The title is him
| replying to people who don't trust microcode, so it's a
| rebuttal.
| zabzonk wrote:
| ok, i misread, will delete my comment - except i can't
| DethNinja wrote:
| There are good reasons to not trust microcode. For example, a
| certain instruction chain can be made to trigger backdoors on
| the CPU and allow direct memory access for attackers. Catching
| this might be rather hard, though definitely not impossible.
| pjmlp wrote:
| Same applies to CPUs without microcode due to hardware design
| bugs.
| noorkersz wrote:
| we will distrust that which we cannot inspect.
|
| if we cannot inspect the content of the microcode updates in
| the context of the architecture's schematics then it won't be
| trusted
| gruez wrote:
| That's already a lost cause considering how hard it is to
| inspect the die (i.e. the physical transistors) itself.
| NoToP wrote:
| Electrons are a ponzi scheme. The more you look into it the
| more it's all empty space.
| cwzwarich wrote:
| I don't work on x86 CPUs, but it's my understanding that most
| "microcode updates" change the values of HW registers (or
| "chicken bits") to disable problematic CPU optimizations rather
| than changing the literal microcode expansions of instructions.
|
| On a non/less-microcoded CPU, this same functionality would be
| achieved by a higher-level firmware/OS update.
___________________________________________________________________
(page generated 2023-01-30 23:00 UTC)