Would you buy/use a computer that ran 3x slower than modern machines if it were more secure (less vulnerable to side-channel attacks)?
[ ] yes, absolutely [ ] yes, but not for games [ ] no, I need all the speed
Christine Lemmer-Webber (cwebber@octodon.social)'s status on Saturday, 11-May-2019 14:41:07 UTC
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Monday, 13-May-2019 02:51:25 UTC
@lxoliva had some compelling words about this at LP2019:
https://media.libreplanet.org/u/libreplanet/m/who-s-afraid-of-spectre-and-meltdown/
I don't know if your comment related at all to Spectre, but---if all the software running on your system is free software, what is there to fear? And I agree.
The biggest trouble is that people often run non-free and untrusted code all of the time in their web browsers, and don't see it as a software freedom or security issue. It's important to recognize it for what it is---untrusted, unsigned, ephemeral software---if you're going to consider security tradeoffs when it comes to certain mitigations. I personally don't run JS at all, even if it's free, with very few exceptions, because it's unsigned.
Christine Lemmer-Webber (cwebber@octodon.social)'s status on Monday, 13-May-2019 11:28:55 UTC
@mikegerwitz @lxoliva I'm glad you ack'ed the "not signed" aspect; regarding the nonfree vs free software: mark the metadata of javascript as librejs compatible, then perform a read or write attack against the system. (Heck, it even *could* be free software compliant; most likely the target isn't checking the licensing situation when they're under such attack, but it's also trivial to lie about it.)
Christine Lemmer-Webber (cwebber@octodon.social)'s status on Monday, 13-May-2019 11:31:21 UTC
@mikegerwitz @lxoliva However, we shouldn't believe that just because something is free software that it is trustworthy, or that we have the capacity to fully audit our software systems for security. The sad reality is that people run way too much code to be able to trust or audit systems, and Ka-Ping Yee's thesis showed that if an attacker wants to add vulnerabilities to (even free) software, even the best programmers won't detect it http://zesty.ca/pubs/yee-phd.pdf
Mike Gerwitz (mikegerwitz@social.mikegerwitz.com)'s status on Tuesday, 14-May-2019 09:01:28 UTC
@cwebber @lxoliva Certainly we need to trust it as well. But if you're installing software on your system, there are generally other, more effective ways to compromise the user than resorting to side-channels.
But ensuring your software is signed and reproducible also helps to mitigate targeted attacks---if you're running the same software that everyone else is running, then the risk is very high for someone to do something malicious and tarnish their reputation.
Many users just `curl foo | sudo sh` the latest hot thing as they're instructed.