Print 93 comment(s) - last by kalak.. on Aug 8 at 2:42 PM

Developers told not to panic over new Intel Core 2 Duo steppings

OpenBSD founder Theo de Raadt publicly denounced Intel’s Core 2 processors on the OpenBSD mailing list. Raadt cited 38 pages of processor errata from Intel’s published CPU specifications (PDF).

“These processors are buggy as hell, and some of these bugs don’t just cause development/debugging problems, but will *ASSUREDLY* be exploitable from userland code," Raadt said. "Some of these are things that cannot be fixed in running code, and some are things that every operating system will do until about mid-2008, because that is how the MMU has always been managed on all generations of Intel/AMD/whoeverelse hardware."

Linux coordinator and former Transmeta employee Linus Torvalds, thought otherwise and considers these bugs “totally insignificant.”

Processor errata is nothing new, Torvalds said. Commodity CPUs such as chips based on the Intel Core 2 architecture have a considerably lower bug rate than proprietary boutique CPUs.

“Yeah, x86 errata get more attention," said Torvalds. "But those things are pretty damn well tested. Better than most.”

The errata document specifically mentions the Core 2 Duo E4000, E6000, and X6800 series processors. None of the errata are nearly as insidious or widespread as more infamous problems, like the original Pentium floating-point bug, although some can lead to buffer overflow exploits, claims de Raalt. All of the current errata have patches in the works or can be — and have been — worked around by developers.

In a statement from Intel Global Communications, Nick Knuppfer writes:

“Months ago, we addressed a processor issue by providing a BIOS update for our customers that in no way affects system performance. We publicly documented this as an erratum in April. All processors from all companies have errata, and Intel has a well-known errata communication process to inform our customers and the public. Keep in mind the probability of encountering this issue is extremely low."

“Specification Updates for the affected processors are available at All errata are thoroughly investigated for issues and vulnerabilities, should they have any we fix them, usually through a microcode update.”

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: well duhhhhhh............
By mindless1 on 7/2/2007 2:34:34 PM , Rating: 2
NObody said everything is bug free, but fixing what you can (and already know about) is a lot better than not. To me it reads more like you're being subjective then using that as an extrapolated excuse for Intel. These are not errata they didn't find, they're the ones they did already.

If I was using your software and you had been informed of the flaws and potential for them to be exploited, you would do well to address those flaws. I wouldn't expect combing through a lot of code to find them all as a first point of recognition, but when they're pointed out by another party, made public, they should be addressed, patched.

The only question was really how likely anyone was to use these for exploits and now that the word is out to the masses, it becomes a lot more likely people are working towards that end. Some hackers are able to take the ball and run with it, but first might have to be passed that ball, given the idea.

RE: well duhhhhhh............
By Ringold on 7/2/2007 5:34:07 PM , Rating: 1
Except that in many cases fixing a flaw in code involves a little typing, a few mouse clicks, letting a compiler do its work, and whoola. Changing the silicon is, as I understand it, an extremely expensive proposition, and when errors are found that essentially amount to nothing it's understandable that Intel lets it go with a simple BIOS fix rather than having highly-paid engineers first redesign the chips, and then other engineers change the industrial process, and then having a new production run just to fix errors. Software is nice in the whole zero marginal cost aspect, but you (and OpenBSD's homeboy) are getting ahead of yourselves assuming you already know that the cost of fixing the errors would be outweighed by the benefits.

Plus, Torvalds, of higher esteem and not a known radical, essentially threw the BS flag on the whole arguement. As I said in a previous post, the guys probably an attention whore.

"DailyTech is the best kept secret on the Internet." -- Larry Barber

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki