You know, he's not wrong. This is, in impact, way bigger than Intel's FDIV fiasco and that ended up in recalls.
No it's not. It is more wide spread but it certainly isn't bigger.
- The FDIV scenario could cause a wrong result from a processor. This can merely cause a security breach. - Security can be layered and worked around. A calculator that produces the wrong answer checked by a calculator with the same fault can not work around itself. - This fiasco relies on a targeted attack on a specific user. The FDIV bug is something a user would hit at random (and according to a citation needed quote on Wikipedia would do so
- The FDIV scenario could cause a wrong result from a processor. This can merely cause a security breach.
- The FDIV scenario could merely cause a wrong result from a processor. This can cause a security breach.
FTFY.
- Security can be layered and worked around. A calculator that produces the wrong answer checked by a calculator with the same fault can not work around itself.
The history, and pre-history of man (and other animals) is full of workarounds. No engineer knows the phrase "cannot be worked around", except maybe as a joke.
You also changed the grammar cunningly between the 2 sentences.
1. "Can be layered and worked around" - true for both security and wrong arithmetic answer.
2. "Can not work around itself" : true for both security and wrong arithmetic answer.
Whatever you think of my grammar the fact is that a calculator that miscalculates and then makes decisions on its result is bad. A security vulnerability that requires executing code on the target combined with detailed knowledge of the target system in order to do achieve anything malicious is quite low in the grand scheme of security vulnerabilities. It is not wormable, it is not automatable, and it can be defended against through layered security.
The FDIV bug was far worse, thinking otherwise is extremely
Do you realize you are just restating your opinion, without defending the incorrect assertion that both can be worked around ?
Also, both cannot work around themselves, they need a human to implement the work around once in the program after which the work around is in place until next software update.
"I want repaired processors for free" (Score:5, Insightful)
You know, he's not wrong. This is, in impact, way bigger than Intel's FDIV fiasco and that ended up in recalls.
Re: (Score:2)
You know, he's not wrong. This is, in impact, way bigger than Intel's FDIV fiasco and that ended up in recalls.
No it's not. It is more wide spread but it certainly isn't bigger.
- The FDIV scenario could cause a wrong result from a processor. This can merely cause a security breach.
- Security can be layered and worked around. A calculator that produces the wrong answer checked by a calculator with the same fault can not work around itself.
- This fiasco relies on a targeted attack on a specific user. The FDIV bug is something a user would hit at random (and according to a citation needed quote on Wikipedia would do so
Re: (Score:2)
- The FDIV scenario could cause a wrong result from a processor. This can merely cause a security breach.
- The FDIV scenario could merely cause a wrong result from a processor. This can cause a security breach.
FTFY.
- Security can be layered and worked around. A calculator that produces the wrong answer checked by a calculator with the same fault can not work around itself.
The history, and pre-history of man (and other animals) is full of workarounds. No engineer knows the phrase "cannot be worked around", except maybe as a joke.
You also changed the grammar cunningly between the 2 sentences.
1. "Can be layered and worked around" - true for both security and wrong arithmetic answer.
2. "Can not work around itself" : true for both security and wrong arithmetic answer.
Sou
Re: (Score:2)
Whatever you think of my grammar the fact is that a calculator that miscalculates and then makes decisions on its result is bad.
A security vulnerability that requires executing code on the target combined with detailed knowledge of the target system in order to do achieve anything malicious is quite low in the grand scheme of security vulnerabilities. It is not wormable, it is not automatable, and it can be defended against through layered security.
The FDIV bug was far worse, thinking otherwise is extremely
Re: (Score:2)
Do you realize you are just restating your opinion, without defending the incorrect assertion that both can be worked around ?
Also, both cannot work around themselves, they need a human to implement the work around once in the program after which the work around is in place until next software update.
Re:"I want repaired processors for free" (Score:2)
s/that both can be worked around / that only one can be worked around /