r҉ustic cy͠be̸rpu̵nk🤠🤖 is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
r҉ustic cy͠be̸rpu̵nk🤠🤖 @cypnk

Just FYI, the project knew about the potential harm of and 11 years ago

marc.info/?l=openbsd-misc&m=11

This is before exploits routinely started getting catchy names and even before MySpace was a thing. Let alone Twitter and Facebook was around to share news of the impending CPU apocalypse

Too bad so few people listened

mastodon.social/media/I10ysFRG
mastodon.social/media/-_luWj8U

@cypnk Wait, does that coincide with the consumerization of IT?!?

And the willful "just do it!" that started coming from the C-Level offices around the same time?

@cypnk @thegibson
Dog controls your destiny. Seek out three items of his favor and then seek his shrine.

@enkiv2 @thegibson I was just about to go buy cookies and I’m already sent off on a side quest 😭

@cypnk how do you know it wasn't a different bug? The Intel pdf detailing the errata they're talking about is a 404...

@Wolf480pl @cypnk Its a different bug, the mail is about how many bugs there are.

@duncaen then I guess @cypnk 's post was ambigously worded

@Wolf480pl @duncaen My point is that they knew enough about the deficiencies of processors to take active mitigations against them more seriously

@cypnk did OpenBSD already clear the page tables when context switching before the recent disclosures?

@hisham_hm That I'm not sure, but I think their implementation of pmap is such that exploiting is not possible. I could be wrong though

cvsweb.openbsd.org/cgi-bin/cvs

"writing to the %cr3 will flush the entire TLB"

It's also important to keep in mind that OpenBSD implements this and many other features that make the first few stages of an exploit extremely difficult to impossible. Of course, this also affects performance to some degree, which is a reason why other OS vendors haven't implemented it

@cypnk This just in: OpenBSD don't communicate effectively.

@clacke Oh gosh! This is has been a problem ever since Theo left NetBSD

But let's not forget that OS vendors do routinely put performance over security. Most other vendors also have to worry about breaking software, which OpenBSD doesn't really concern itself with (but they do help port authors to migrate their code to be more secure)

Their approach is "break before compromise". I don't know of any other OS vendor who does this

@cypnk @clacke I am a NetBSD guy, but I have *always* strongly admired OpenBSD's unwavering "no fucks given" attitude toward doing (what they consider) the right thing. Not only are they happy to break/miss out on things, they also take on a *tonne* of extra work (e.g. developing their own implementations of CVS, NTP and now even SSL) in order to avoid compromising their principles. No other OS project comes close to that dedication.

@solderpunk @clacke And it's a huge drain on resources to do that too. But obviously they have very different goals. I remember Theo describing OpenBSD as a "research operating system", which I think is the more accurate description

I love NetBSD too in that you can pretty much run it on anything with a CPU

@cypnk That is a true and valuable property of NetBSD (which will, e.g. run on the RaspberryPi 1 unlike OpenBSD or Minix 3), but I do sometimes regret that there is such a strong and singular association between the project and portability. It makes people think that there is no good reason to run NetBSD on x86/amd64, which is not so. I love it just as much for its minimalism and cleanliness (although that is much worse than it used to be when I first became an enthusiast), for pkgsrc and more

@solderpunk That is a shame. And its userland is very good too, which is why I think Minix is now using it as theirs

All projects undergo increases in complexity. Such is life :)

@solderpunk @cypnk "it's very portable... and i guess that's it" is what i thought about NetBSD for years, until now. After overhearing(?) this comment i will definitely take another look at it.

@pho4cexa @solderpunk It's a very capable OS that a lot of folks use as their primary desktop. The ports are full of useful software so you can stay productive

@cypnk @pho4cexa @solderpunk do people really think NetBSD isn't that capable on x86 because it run on so many architectures?

The opposite kind of thinking is what lead me to run it as my main OS on my laptop.

@satchmoz @pho4cexa @cypnk I think so? Perhaps it's not so much that they think it's not capable, but rather that there is no reason to use it. If you're not running oddball hardware, why not just use FreeBSD for better performance (this is conventional wisdom, not my opinion) or OpenBSD for better security?

Never mind that radical portability is only possible through clean and careful design and efficient use of resources, which have obvious implications for performance & security on x86...

@solderpunk @satchmoz @cypnk these were my sentiments exactly.

and I should point out that mine (and, i expect many others) was a mostly uninformed impression based on reading a few paragraphs about various types of unices many years ago.

it wasn't until very recently on mastodon that i encountered multiple people saying "i enjoy using netbsd as my primary desktop."

so i'm happy to have my mind changed about it.

@pho4cexa @solderpunk @satchmoz @cypnk about 16(!) years ago me and a friend built a router/firewall using a 486DX50 and 2 LAN cards for a big shared "party house/hackspace" in our town,for the house LAN using some form of BSD distro made specially for this purpose (era when the cable company only supplied a modem that fed raw internet into your PC about as sensible as drinking from the 🚾 bowl. It wasn't *that* difficult but I'd also (wrongly) seen BSD as more a "server" than "desktop" distro..

@vfrmedia @solderpunk @satchmoz @cypnk having flashbacks to the Bad Old Days when the cable company would try to dictate that weirdos with more than one computer in their house(!) would pay $10 extra per box per month, and building a NAT/router/firewall box was the naughty way to skirt around the fee

@vfrmedia @pho4cexa @satchmoz @cypnk I don't suppose you remember if it was this?

firewall.dubbele.com/

That's been around for *at least* 16 years and I'm not sure they've changed their website substantially in all that time! Warms the heart.

@solderpunk @pho4cexa @satchmoz @cypnk I am fairly certain it was *exactly* that, even the layout of the site looks familiar. .

@vfrmedia @pho4cexa @satchmoz @cypnk It makes me irrationally glad that it was, in fact, that system!

I don't think I've ever actually used it myself. For some reason the goblin-with-shield mascot stuck in my head, so whenever I randomly bump into it every so many years I think "ah, right, this thing is still here".

@solderpunk @cypnk @clacke
I've also seen them make pains to keep their code pretty portable. I watched an exchange with an Android developer (as in developer of the Android OS) where has asked about a change so they could keep continue using some code in their libc. OpenBSD actually broke it out into a separate file to make that easier for them.

OpenBSD has a "no fucks given" reputation, but they want things to be better for everyone.

@kurtm @cypnk @solderpunk They even put in the effort to separately release their clean OpenBSD version and the portable "p" version for OpenSSH. So yeah.

@clacke @cypnk @kurtm They are certainly not afraid of hard work. I forgot to include DHCP in my earlier list, too!

@clacke Oh, and I remember Linus yelling at some developer (not for the first time), "WE DO NOT BREAK USERSPACE!" 😂

lkml.org/lkml/2012/12/23/75

OTOH, OpenBSD breaks software all the time in the name of security. For other OS vendors, this approach really isn't possible, or at least practical. So I don't blame them entirely for not being able to make these changes

@cypnk Sorry to nitpick, it's definitely interesting. But MySpace has very much already been a (very popular) thing in 2007. Facebook and Twitter might not have been that well known yet but where both operational already.

@syp I didn't include it in the original post because it's a bit more technical, but here's the sourcecode for their implementation of pmap

cvsweb.openbsd.org/cgi-bin/cvs

(Server seems to be having issues right now)

These fixes were taking place since the early 2000s

@cypnk Thanks, will take a look when the server is up again. But I did not even mean to doubt that OpenBSDs/deraadts early skepticism about those features was right.;)

@cypnk

Would you be kind enough to point where exactly parallel branch vulnerabilities are discussed in this documents?
I'm not a cpu specialist and they are hard to read...

@LienRag This was more a highlight of the fact hat OpenBSD devs were aware of the potential problems these early architectural trends would have in (then) current and future software

I *think* this is part of those mitigations:

cvsweb.openbsd.org/cgi-bin/cvs

(It's quite long, so search for "TLB"). I'm also not an expert so I could be wrong

@cypnk If that's not an indictment of their collective inability to communicate with the outside world, I don't know what is. 😜

@paco This is a *very* old problem with the team

But to be fair, a lot of these mitigations do introduce a pretty serious performance hit. Not to mention it breaks pretty much all userland software so even if other OS vendors agreed on the problem, they probably wouldn't have fixed it the same way

@cypnk I'm pretty sure this has been exploited for 15+ years...

I don't for a second think that this big of a hole hasn't been used before.

@thegibson I'd be shocked if this wasn't in the catalog of a at least one 3 letter agency already

Yeah, the cat-and-mouse game isn't practical or feasible going forward. The only safe procedure from here on is proactive auditing, but I don't know how many OS vendors will expend the energy or budget (or have either) to do so

@cypnk @thegibson

Yeah read that too. eleven years is a damn big time span in computing.

I was planning to buy a new CPU within the next two years, but now it seems you can only chose between the big security hole (Intel) or the smaller one (AMD).

But from what I've been reading a good chunk of the performance lead thad Intel exploited the hole market on, came from these security holes.

@arkedos @thegibson I'd hold off at least a 3 years on buying a new CPU. Whatever "fixes" they introduce can't make up for the radical architecture changes they need to introduce (and fix other ensuing bugs). Even then, your best route so far seems to be AMD. The smaller one is at least a stopgap

@thegibson I'm actually kinda glad this Meltdown/Spectre debacle happened

On the surface, it's terrible, but it's exactly the kick in the pants we all needed. The Snowden revelations didn't really do much. Ransomware annoyed us, but it only got a few flunkies fired. Data leaks are *yawn*

Now we have a situation where whole businesses are going to be running on CPUs as slow as molasses and the productivity hit will hopefully be the final wakeup call about dangers of "first to market"

@cypnk They will not change... those at the decision making level won't see the problem..."cost of doing business.

The CIO/CISO always has the junior seat at the conference table.

@cypnk

*reads, gets to the 'take more than a year' bit, chokes on her morning caffeine*

@sydneyfalk The first time I read that, I felt "my, how quaint!"

@cypnk

yes

a bit like in the old back issues of Popular Mechanics where they're talking about how homes might be underwater in the far off year of 2000

@cypnk

interesting...

though isn't "being extremely paranoid about everything", like, openbsd's policy on everything?

after all, even a stopped clock shows the correct time twice a day.

@devurandom Let's just say extremely paranoid about most things ;)

I think the security aspect gets a lot of the exposure, but really, they're just trying to write code in a clear and coherent way. "Quick hacks" get discarded in favor of maintainable code, The result is you get secure code as a nice bonus

That's not unique to OpenBSD, or even OS design. Lots of other software projects adopt the same principles