Hacker News new | ask | show | jobs
by madrix999 2449 days ago
More like this, intel has cut a lot of corners for a long time in their x86 processors, mostly to have better performance, which ended up with all these vulnerabilites we keep hearing about every couple of months. They're just now suffering the consequences of all the shady things they've done to try and establish a monopoly in the CPU market
1 comments
AnIdiotOnTheNet 2449 days ago
A more generous interpretation: Intel made decisions that favored actual measurable performance today at the expensive of theoretically known vulnerabilities that might be exploited in some hypothetical future. They gave the market what the market demanded at a cost they tolerated.

And even now, after said theoretical vulnerabilities have been reified, there is very little cause to be concerned about the vulnerabilities under discussion unless you host code for other people as a business model (or use such a service). Otherwise your biggest concern is a web browser that already has a whole host of actual and theoretical vulnerabilities of its own.

link
okcando 2448 days ago
> They gave the market what the market demanded at a cost they tolerated.

This suggests a level of informed consent that I don't think existed. It implies that "the market" (who?) knew of, understood, and agreed to the risks.

And anyway, "the market" does a poor job of representing some of its stakeholders, notably the disorganized group known as users, and immediate competitive advantage may be the only metric driving decision-making.

link
marcosdumay 2448 days ago
Intel made decisions that favored the actual indicators people were looking at with a hidden cost on things people weren't aware of. They got the market exactly what the market demanded while deceiving that market by applying known bad practices. There is a huge difference in impact from saving money by using lead-based paint, but it's the same kind of decision.

> unless you host code for other people as a business model

Or is a victim of one of those javascript based exploits when visiting a random site.

link
yardie 2449 days ago
Any security researcher or engineer worth their salary is already planning for those theoretical vulnerabilities. Ideas like these are hashed out at the development meeting. Not fixed after the cart has left the barn.
link
AnIdiotOnTheNet 2448 days ago
And yet people use Linux instead of OpenBSD, because it turns out security isn't always the most important consideration.
link