This is before exploits routinely started getting catchy names and even before MySpace was a thing. Let alone Twitter and Facebook being around to share news of the impending CPU apocalypse
Too bad so few people listened
@cypnk confirmed nsa backdoor
@hisham_hm That I'm not sure, but I think their implementation of pmap is such that exploiting is not possible. I could be wrong though
"writing to the %cr3 will flush the entire TLB"
It's also important to keep in mind that OpenBSD implements this and many other features that make the first few stages of an exploit extremely difficult to impossible. Of course, this also affects performance to some degree, which is a reason why other OS vendors haven't implemented it
@clacke Oh gosh! This has been a problem ever since Theo left NetBSD
But let's not forget that OS vendors do routinely put performance over security. Most other vendors also have to worry about breaking software, which OpenBSD doesn't really concern itself with (but they do help port authors to migrate their code to be more secure)
Their approach is "break before compromise". I don't know of any other OS vendor who does this
@cypnk @clacke I am a NetBSD guy, but I have *always* strongly admired OpenBSD's unwavering "no fucks given" attitude toward doing (what they consider) the right thing. Not only are they happy to break/miss out on things, they also take on a *tonne* of extra work (e.g. developing their own implementations of CVS, NTP and now even SSL) in order to avoid compromising their principles. No other OS project comes close to that dedication.
@solderpunk @clacke And it's a huge drain on resources to do that too. But obviously they have very different goals. I remember Theo describing OpenBSD as a "research operating system", which I think is the more accurate description
I love NetBSD too in that you can pretty much run it on anything with a CPU
@cypnk That is a true and valuable property of NetBSD (which will, e.g. run on the Raspberry Pi 1 unlike OpenBSD or Minix 3), but I do sometimes regret that there is such a strong and singular association between the project and portability. It makes people think that there is no good reason to run NetBSD on x86/amd64, which is not so. I love it just as much for its minimalism and cleanliness (although that is much worse than it used to be when I first became an enthusiast), for pkgsrc and more
@satchmoz @pho4cexa @cypnk I think so? Perhaps it's not so much that they think it's not capable, but rather that there is no reason to use it. If you're not running oddball hardware, why not just use FreeBSD for better performance (this is conventional wisdom, not my opinion) or OpenBSD for better security?
Never mind that radical portability is only possible through clean and careful design and efficient use of resources, which have obvious implications for performance & security on x86...
and I should point out that mine (and, i expect many others) was a mostly uninformed impression based on reading a few paragraphs about various types of unices many years ago.
it wasn't until very recently on mastodon that i encountered multiple people saying "i enjoy using netbsd as my primary desktop."
so i'm happy to have my mind changed about it.
@pho4cexa @solderpunk @satchmoz @cypnk about 16(!) years ago me and a friend built a router/firewall using a 486DX50 and 2 LAN cards for a big shared "party house/hackspace" in our town, for the house LAN using some form of BSD distro made specially for this purpose (era when the cable company only supplied a modem that fed raw internet into your PC about as sensible as drinking from the 🚾 bowl). It wasn't *that* difficult but I'd also (wrongly) seen BSD as more a "server" than "desktop" distro..
@vfrmedia @solderpunk @satchmoz @cypnk having flashbacks to the Bad Old Days when the cable company would try to dictate that weirdos with more than one computer in their house(!) would pay $10 extra per box per month, and building a NAT/router/firewall box was the naughty way to skirt around the fee
I don't think I've ever actually used it myself. For some reason the goblin-with-shield mascot stuck in my head, so whenever I randomly bump into it every so many years I think "ah, right, this thing is still here".
@solderpunk @cypnk @clacke
I've also seen them make pains to keep their code pretty portable. I watched an exchange with an Android developer (as in developer of the Android OS) where he asked about a change so they could continue using some code in their libc. OpenBSD actually broke it out into a separate file to make that easier for them.
OpenBSD has a "no fucks given" reputation, but they want things to be better for everyone.
@clacke Oh, and I remember Linus yelling at some developer (not for the first time), "WE DO NOT BREAK USERSPACE!" 😂
OTOH, OpenBSD breaks software all the time in the name of security. For other OS vendors, this approach really isn't possible, or at least practical. So I don't blame them entirely for not being able to make these changes
@syp I didn't include it in the original post because it's a bit more technical, but here's the source code for their implementation of pmap
(Server seems to be having issues right now)
These fixes were taking place since the early 2000s
@LienRag This was more a highlight of the fact that OpenBSD devs were aware of the potential problems these early architectural trends would have in (then) current and future software
I *think* this is part of those mitigations:
(It's quite long, so search for "TLB"). I'm also not an expert so I could be wrong
@paco This is a *very* old problem with the team
But to be fair, a lot of these mitigations do introduce a pretty serious performance hit. Not to mention it breaks pretty much all userland software so even if other OS vendors agreed on the problem, they probably wouldn't have fixed it the same way
@thegibson I'd be shocked if this wasn't in the catalog of at least one 3 letter agency already
Yeah, the cat-and-mouse game isn't practical or feasible going forward. The only safe procedure from here on is proactive auditing, but I don't know how many OS vendors will expend the energy or budget (or have either) to do so
Yeah read that too. eleven years is a damn big time span in computing.
I was planning to buy a new CPU within the next two years, but now it seems you can only choose between the big security hole (Intel) or the smaller one (AMD).
But from what I've been reading a good chunk of the performance lead that Intel exploited the whole market on came from these security holes.
@thegibson I'm actually kinda glad this Meltdown/Spectre debacle happened
On the surface, it's terrible, but it's exactly the kick in the pants we all needed. The Snowden revelations didn't really do much. Ransomware annoyed us, but it only got a few flunkies fired. Data leaks are *yawn*
Now we have a situation where whole businesses are going to be running on CPUs as slow as molasses and the productivity hit will hopefully be the final wakeup call about dangers of "first to market"
*reads, gets to the 'take more than a year' bit, chokes on her morning caffeine*
a bit like in the old back issues of Popular Mechanics where they're talking about how homes might be underwater in the far off year of 2000
@devurandom Let's just say extremely paranoid about most things ;)
I think the security aspect gets a lot of the exposure, but really, they're just trying to write code in a clear and coherent way. "Quick hacks" get discarded in favor of maintainable code. The result is you get secure code as a nice bonus
That's not unique to OpenBSD, or even OS design. Lots of other software projects adopt the same principles