You misunderstand, we check the whitelisted subset of functionality we rely on, of course we can check it works as we expect?
-
-
You specifically said you're concerned about things like overclocking causing incorrect behavior on branches How exactly do you check that doesn't happen and branches are executed properly on overlocked CPUs?
1 reply 0 retweets 1 like -
We test it. I think you're asking how can I be certain that it will work on every unit of that model ever produced, but obviously the answer is we can't, but we have higher confidence after checking?
1 reply 0 retweets 0 likes -
Since you're whitelisting based on vendor (?), no. Testing one uarch shouldn't give you any more that another uarch works than that a Transmeta chip works. And within one uarch, how exactly are you testing? I suspect the answer is technically yes, but only in a meaningless way.
1 reply 0 retweets 1 like -
It's a compromise, I would prefer a more specific check. Not sure what alternative you're proposing, just start depending on how obscure parts of the spec works under attack without even testing?
1 reply 0 retweets 0 likes -
IMO, this answer sounds like 1. Something must be done 2. This is something 3. We should do this I think almost any competent CPU engineer would tell you that this actually has no meaningful impact. You're pointing out a real problem, but that doesn't mean this helps at all.
2 replies 1 retweet 6 likes -
Well, that's half of it. The other half of your response is that if we don't do this test that does nothing, we also shouldn't test anything? But no one is proposing removing CPUID feature checks for features you're actually using.
1 reply 0 retweets 0 likes -
What's your mental model of the failure mode you're going to catch? The reason a competent CPU engineer is going to tell you this is useless is that their model of what might fail will expect that you get no new information from running the test even on thousands of chips.
2 replies 0 retweets 0 likes -
Interesting, so if I test 1000 chips, and they all fail, your saying that it's still safe to make this security sensitive?
1 reply 0 retweets 0 likes -
Come on, do you want to have a discussion or score points? Seems like you're more interesting in just scoring points?
2 replies 0 retweets 1 like
I don't know, I'm explaining that making sure something works seems prudent. if I test some samples and all of them fail, should I still enable it? It seems obvious the answer is no, what are you arguing?
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.