this post was submitted on 12 Aug 2024
498 points (95.8% liked)

Selfhosted

40173 readers
659 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Here we are - 3600 which was still under manufacture 2-3 years ago are not get patched. Shame on you AMD, if it is true.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 31 points 3 months ago* (last edited 3 months ago) (2 children)

I dont know.

If I had my choice between a CPU that has a vulnerability that can only be exploited if the system is already compromised

or a CPU that are full of oxidation cancer, or frying themselves and doing irreparable damage.. Which the company is being excessively shady about concretely admitting to any RMA promises and wwill all eventually die in short order..

I think I'm gonna go with the Ryzen and not leave leave my computer outside at defcon.

[–] [email protected] 15 points 3 months ago

Sure but we're talking about several generation old CPUs: nothing's wrong with Intel's 10/9/8th gen CPUs, which would be the contemporary ones to the Ryzen chips in question.

[–] [email protected] 0 points 3 months ago (3 children)

Risc-V is the real response to this problem

[–] [email protected] 4 points 3 months ago (2 children)

How is that? Does risc-v have magical properties that make its designers infallible, or somehow make it possible to fix flaws in the physical design after the CPU has already been fabbed and sold?

[–] [email protected] 3 points 3 months ago

So what you are saying is, it's just as Risc-E

[–] [email protected] 1 points 3 months ago

Because it does not set in stone that there can be only 2 companies producing compatible chips, which can be however bad until both of them does the same shit practices.

So the short answer is by not stifling competition.

[–] [email protected] 4 points 3 months ago (1 children)

As much as I like RISC-V, it is kind of ironic to suggest RISC-V ist the solution to this. At least as it stands, because of RISC-V's simplicity, most if not all current RISC-V CPUs don't even run microcode, so there is nothing to update/fix in case of a CPU bug. There's even a very current example of this problem with that chinese RISC-V cpu that has this "GhostWrite" bug that allows every unpriviliged process to gain root access.

[–] [email protected] 2 points 3 months ago (2 children)

As I said in an other reply, RISC-V is not the solution for the reason that they are perfect today. It is because it is not limited to being used by a few megacorporations that do whatever they want, but it allows competition where companies do what they need to become and remain a good choice.

[–] [email protected] 1 points 3 months ago

I understood that. My point was rather that in this particular case (a CPU bug that could be fixed via microcode, but AMD chose not to do so for certain CPUs), RISC-V wouldn't have been of any advantage, because there would be nothing to fix in the first place. Sure, one could introduce microcode for RISC-V and people have argued in favor of doing so for this exact reason, but the architecture was intentionally designed to not require microcode.

[–] [email protected] 0 points 3 months ago

Now we just need a friendly neighbourhood nanoscale fab.

[–] [email protected] -2 points 3 months ago* (last edited 3 months ago)

You're correct. I despise this ridiculous acceptance of the notion of trust of one man's "work" which fails if we're lucky and almost guaranteed a back-stabbing three-letter's Backdoor.