在中国, 暑假可是一年中的装机购机的黄金时段,
然而面对intel的这个cpu, 你还会买嘛?
http://tech.qq.com/a/20070702/000049.htm
【赛迪网讯】7月2日消息,据国外媒体报道,OpenBSD创始人希欧·德拉特(Theo de Raadt)日前表示,英特尔酷睿2(Core 2)存在大量潜在严重安全漏洞,而英特尔并未提供足够的信息让开发人员来评估和解决这些问题。
德拉特称,存在安全隐患的处理器是今年4月出货的。他说:“这些漏洞是非常可怕的,一些漏洞不仅仅影响到开发和调试,有些还可以被利用。而英特尔并未正确评估这些漏洞所带来的影响,有些漏洞确实存在严重的安全隐患。”
德拉特称,这些漏洞最有可能导致系统崩溃,而有些则可以被利用来发动攻击。但德拉特同时承认,目前还尚未发现这些漏洞被用来攻击。最近,英特尔发布了一款BIOS补丁程序,解决了部分问题。但英特尔并未说明,哪些漏洞尚未被修复。
对此,英特尔发言人称:“英特尔有十分严格的验证和测试程序,同样,我们的OEM和渠道伙伴也拥有自己的测试程序。我们将对此事进行调查,并尽力解决每一个问题。自从1994年,我们就开始公布正误表,这是其他半导体公司很难做到的。”
OpenBSD: Intel Core 2 Bugs
June 30, 2007 - 11:37am
Submitted by Jeremy on June 30, 2007 - 11:37am.
Theo de Raadt [interview] described an active effort by OpenBSD developers to work around "serious bugs in Intel's Core 2 cpu". He went on to explain, "these processors are buggy as hell, and some of these bugs don't just cause development/debugging problems, but will *ASSUREDLY* be exploitable from userland code. As is typical, BIOS vendors will be very late providing workarounds / fixes for these processors bugs. Some bugs are unfixable and cannot be worked around. Intel only provides detailed fixes to BIOS vendors and large operating system groups. Open Source operating systems are largely left in the cold." He provided a link to the full errata (in PDF format) as well as a graphical overview, summarizing:
"Note that some errata like AI65, AI79, AI43, AI39, AI90, AI99 scare the hell out of us. Some of these are things that cannot be fixed in running code, and some are things that every operating system will do until about mid-2008, because that is how the MMU has always been managed on all generations of Intel/AMD/whoeverelse hardware. Now Intel is telling people to manage the MMU's TLB flushes in a new and different way. Yet even if we do so, some of the errata listed are unaffected by doing so.
As I said before, hiding in this list are 20-30 bugs that cannot be worked around by operating systems, and will be potentially exploitable. I would bet a lot of money that at least 2-3 of them are."
http://kerneltrap.org/node/8472复制内容到剪贴板
代码:
From: Theo de Raadt [email blocked]
To: misc
Subject: Intel Core 2
Date: Wed, 27 Jun 2007 11:08:16 -0600
Various developers are busy implimenting workarounds for serious bugs
in Intel's Core 2 cpu.
These processors are buggy as hell, and some of these bugs don't just
cause development/debugging problems, but will *ASSUREDLY* be
exploitable from userland code.
As is typical, BIOS vendors will be very late providing workarounds /
fixes for these processors bugs. Some bugs are unfixable and cannot
be worked around. Intel only provides detailed fixes to BIOS vendors
and large operating system groups. Open Source operating systems are
largely left in the cold.
Full (current) errata from Intel:
http://download.intel.com/design/processor/specupdt/31327914.pdf
- We bet there are many more errata not yet announced -- every month
this file gets larger.
- Intel understates the impact of these erraata very significantly.
Almost all operating systems will run into these bugs.
- Basically the MMU simply does not operate as specified/implimented
in previous generations of x86 hardware. It is not just buggy, but
Intel has gone further and defined "new ways to handle page tables"
(see page 58).
- Some of these bugs are along the lines of "buffer overflow"; where
a write-protect or non-execute bit for a page table entry is ignored.
Others are floating point instruction non-coherencies, or memory
corruptions -- outside of the range of permitted writing for the
process -- running common instruction sequences.
- All of this is just unbelievable to many of us.
An easier summary document for some people to read:
http://www.geek.com/images/geeknews/2006Jan/core_duo_errata__2006_01_21__full.gif
Note that some errata like AI65, AI79, AI43, AI39, AI90, AI99 scare
the hell out of us. Some of these are things that cannot be fixed in
running code, and some are things that every operating system will do
until about mid-2008, because that is how the MMU has always been
managed on all generations of Intel/AMD/whoeverelse hardware. Now
Intel is telling people to manage the MMU's TLB flushes in a new and
different way. Yet even if we do so, some of the errata listed are
unaffected by doing so.
As I said before, hiding in this list are 20-30 bugs that cannot be
worked around by operating systems, and will be potentially
exploitable. I would bet a lot of money that at least 2-3 of them
are.
For instance, AI90 is exploitable on some operating systems (but not
OpenBSD running default binaries).
At this time, I cannot recommend purchase of any machines based on the
Intel Core 2 until these issues are dealt with (which I suspect will
take more than a year). Intel must be come more transparent.
(While here, I would like to say that AMD is becoming less helpful day
by day towards open source operating systems too, perhaps because
their serious errata lists are growing rapidly too).OpenBSD founder: Core 2 chips are 'buggy as hell'
by Cyril Kowaliski - 09:08 am, June 29, 2007
Last week, Microsoft released a "microcode reliability update" for Intel processors. According to The Inquirer, the update fixes problems with Core 2 Duo E4000/E6000-series, Core 2 Quad Q6600, Core 2 Extreme QX6700, and Core 2 Extreme QX6800 processors on the desktop, Core 2 Duo T5000- and T7000-series processors on the mobile front, and Xeon 3000-, 3200-, 5100-, and 5300-series processors in the server/workstation world. However, Microsoft didn't release any information about what bugs the update actually fixes or what bugs may still remain.
On Wednesday, OpenBSD founder Theo de Raadt posted a rant in a mailing list that alleged Intel's Core 2 processors were plagued with many "serious bugs." De Raadt didn't mince words:
These processors are buggy as hell, and some of these bugs don't just cause development/debugging problems, but will *ASSUREDLY* be exploitable from userland code.
As is typical, BIOS vendors will be very late providing workarounds / fixes for these processors bugs. Some bugs are unfixable and cannot be worked around. Intel only provides detailed fixes to BIOS vendors and large operating system groups. Open Source operating systems are largely left in the cold.
De Raadt links a list of errata (PDF) from Intel's site and explains, "Hiding in this list are 20-30 bugs that cannot be worked around by operating systems, and will be potentially exploitable. I would bet a lot of money that at least 2-3 of them are."
The guys at ExtremeTech have asked Intel to comment, but the company would not confirm or deny Raadt's assessment or discuss any plans for a respin or recall of Core 2 chips. Intel spokesman Nick Knupffer appeared to downplay the allegations. "All processors from all companies have errata, and Intel has a well-known errata communication process to inform our customers and the public," he stated, adding that Intel investigates all errata and issues fixes if problems and vulnerabilities are found.
http://techreport.com/onearticle.x/12777
