Bryan Lunduke is a user on You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
Bryan Lunduke @BryanLunduke

This small patch, to the Linux Kernel, is the most epic burn on Intel by AMD.

Paraphrased in English:
"If the CPU isn't AMD, assume it's not secure."

@bryanlunduke If your AMD CPU is anything post FX it's almost as bad though...
@dolus agreed.  it's not time yet for amd users to get smug. 
@awg I happen to still be running an (those are totally 8 real cores guys) 8350. I can smug all day as soon as I find a coreboot/libreboot-able mobo.
@dolus yeah.  it stings a little especially when you have a fancy machine ...
@awg What? The 'are FX CPUs actually 8 cores' thing?
@dolus I mean in general -- owning a non-shit machine you can't fully trust.
@awg Unfortunately, until we can fabricate our own HW, we are going to have to get used to only being able to trust older hardware.
@dolus indeed.  that's why I'm trying to be optimistic about the Raptor Engineering effort with POWER architecture while clinging to my libreboot'd x200 (and the several years worth of spare parts I've stockpiled).
@awg I'm hoping the x220 gets Libreboot support soon. That is still decent enough for most stuff.
@dolus @BryanLunduke What this time? (other than unavailability of ibreboot)?
@dolus @BryanLunduke As far as i read. in latest AGESA(another blob) version AMD ( and depending on motherboard)did provide option of disabling it. But dunno about what it actually do. I did not find a proper audit about disabling it.

@BryanLunduke low blow, but Intel deserves it after saying Epyc was "glued together". I wake that glue as a badge of honour and be like "Hey Lisa Sue, I want more of that Infinity Glue".

@BryanLunduke actually I guess this is untrue. The line just before the AMD CPU test already sets the CPU as insecure, making the AMD CPU's insecure as well for now

@KindlyFire @BryanLunduke It's a bit more complex than that - it's removing a line that assumes everything x86 is insecure, adding a line that tests for AMD before assuming insecure.

@BryanLunduke I'm even more glad I went for Ryzen on my home studio Linux machine.

Lesson: Monocultures, like monopolies are bad, mm'kay?

Solution: Push for more widespread adoption of alternative CPU architectures, so in the future, these kinds of bugs aren't as dire. POWER, MIPS, are RISC-V are all available RIGHT NOW and great in their own right, just not readily available or feasible in many applications. Thanks to intel an overwhelming majority of our compute infrastructure is vulnerable and will suffer heavily for putting their trust in them

@BryanLunduke why would say assume that all x86 CPUs are insecure and then have an exception for AMD though? Are AMD's x86 circuits secure or not?

@deavmi @BryanLunduke it's not x86 that makes it unsecure, but the way the CPU is designed. Your iOS device is unsecure too, and it's not an x86.

This patch forgets that there are old Intel CPUs and it also forgets companies like VIA and that the AMD geode was owned by a different company before AMD bought them.

@angristan don't boost that; it's inaccurate. AMD was vulnerable too.

@angristan @feld @BryanLunduke AMD were vulnerable, but not to the CPU bug that this code snippet's about.

@BryanLunduke the original patch was kind of "fuck them all" from Intel guys.