• English version
  • Version française
  • Versión española

Archivo de April de 2018

Spectre & Spell

Publicado el Sunday 1 April 2018

If you read our news, it is very likely that you have some form of interest for information technologies and as such, it is equally likely you heard about the infamous Intel vulnerabilities known as Spectre and Meltdown along with the tremendous cohort of processors they impact.

Needless to say, TuxFamily had a look at these issues in particular. And, like many other companies and associations, we wondered "what's next?". After all, despite their well-deserved media coverage, Spectre and Meltdown are but successors to row hammer and INTEL-SA-00086 and surely, things cannot end here, right? It felt natural to conclude that we have recently entered some form of dark period, the extent of which ought to be counted in years, characterised by a strong focus of all security-related I.T. professionals on hardware vulnerabilities. Basically, everything we discovered (vulnerabilities), learnt, improved and strove to prevent (good design and coding practices, security audits, peer reviews, etc.) in the latest 20 years is to be done again in the realm of hardware. Another way to put it is: one way or another, we are probably going to be betrayed by every existing piece of I.T. hardware in the coming years. It would be tempting to detail what would (and hopefully will) put an end to this era of misery, but this is not the point of this piece of news.

The main point is: TuxFamily is moving out of x86 processors. For various reasons, we cannot afford to wait until every piece of hardware was deemed a threat to our mutualised infrastructure. Instead, we have to move on, even if that implies to design our own machines. And guess what? This is exactly what we intend to do, thanks to our main sysadmin also being a professional electronics engineer. After further investigations about what sounded like a crazy idea at first, we eventually found the perfect brick to start building the perfect architecture TuxFamily had never dared to dream about. And this brick happens to be... the glorious TMS5100!

Surely, we do not expect all of our beloved hostees to react to that technical name. But we surely expect our plan to suddenly make a lot more sense after we rephrase it this way: we intend to rebuild TuxFamily's infrastructures based on Speak & Spell devices!

A good old Speak & Spell
A good old Speak & Spell (picture by FozzTexx under CC BY-SA 4.0).

Think about it: thanks to their simple design (no notion of rings, no fancy MMU, etc.), not a single hardware vulnerability has ever been registered for these chips. That's right, not a single human ever had to utter "ah, crap, we have to handle the TMS5100 F00F bug ASAP". THAT is what we call "reliable foundations".

And this is where we need you! As of today, all of this remains a theoretical project; we are light-years, if not parsecs, away from our goal. To bootstrap this engineering endeavour, we do not need money (we still have plenty since the association officially moved to the Cayman islands) but we need a total of 3,261 Speak & Spell devices. Alas, we only have 1 for the moment (well, technically, we have two, but a member of the staff refused to let go of his device, claiming it was sacred and he was still using it on a daily basis and we had no right to take it by force and we would have to write our damn news ourselves if we did so). We have no doubt that some of you still have such devices in their basement and are willing to help us achieve hardware independence. Therefore, please quickly mail us your Speak & Spell devices to the following address:

TuxFamily - Spectre & Spell project
1, Rue du Ciel Étoilé
F-75000 Paris

Serge, our favourite intern, will be in charge of receiving, checking, registering, labelling, storing and/or dispatching the precious devices. All languages (English, Spanish, French, German, Italian, Japanese) and variants (e.g. Speak & Read and Speak & Math) are accepted, and all donators will receive weekly updates reflecting our march towards a better future. Do not hesitate, donate now!

With your help, we should be able to replace our infrastructures in a matter of just a few years. Of course, hostees should expect a transition period marked by very slight losses of performance compared to the current infrastructure. But surely, this almost painless transition should be long buried and forgotten by the time the I.T. hardware industry put their products back on track with regards to security.

Edit: as many of you had guessed, it was of course our traditional April Fools' prank. As severe as hardware vulnerabilities can be, we are too lazy to design and build our own hardware and therefore do not actually need your Speak & Spell devices. If by chance you insist on sending us your Speak & Spell, please contact us to get our actual postal address; indeed, the one mentioned above is based on Santa Claus' postal address (the French variant transposed in Paris to be specific) and none of you wants to mess with Santa's after-sales service, right?

RSS Feed