Ian Cutress muses upon rumors around SiFive, the forerunner of high-performance RISC-V cores.

  • @[email protected]
    link
    fedilink
    English
    171 year ago

    I was expecting this to go into the direction of “China has inserted itself as a state level actor into the development of RISC-V, don’t use it”. That would’ve been ridiculous as the US has been meddling with chips for a long time and we still use their stuff. Having chip designs or instruction set architecture out in the open would give me much more confidence in a chip that anything AMD, ARM, Nvidia, qualcomm or whatever out there release.

    Of course open ISA doesn’t mean the resulting chip will be open, but it’s a step in the right direction.

    • Uranium3006
      link
      fedilink
      11 year ago

      Indeed. We should also develop ways to detect sabotage in the design and manufacturing stages so a user can verify their chip doesn’t have a backdoor

  • @NeoNachtwaechter
    link
    English
    81 year ago

    maintains the open-ness and customization that RISC-V offers

    Thinking about cybersecurity: does this kind of open-ness mean that some evil guys could now design some evil behaviour into the hardware, and no scanner software will ever be able to detect it, because it is only a software scanner?

    • @[email protected]
      link
      fedilink
      English
      371 year ago

      security through obscurity is a bad practice.

      it’s better to be transparent and let everyone analyze your design. the more eyes on it, the better. even the proprietary and obscured Intel CPUs have had security vulnerabilities in the past.

      • @[email protected]
        link
        fedilink
        English
        -31 year ago

        I don’t think it’s so much “security by obscurity” as it’s an issue of a much lower bar for chip production. Intentional back doors or malware represent a huge risk for a product line, so manufacturers won’t put them in without someone like the NSA leaning on them. It’s a simple risk/benefit calculation.

        But the risk is much lower if you can snag a processor design off the 'net, make your modifications, send it off to a fab and sell it under a fly-by-night operation. If it’s ever discovered, you take the money and run.

          • @[email protected]
            link
            fedilink
            English
            -31 year ago

            I don’t see it as irrational. You’re thinking about it the wrong way round.

            Manufacturers buy chips from proven sources, where the chip can be traced back to the fab that made it. The entire system of trust is built on the assumption that the chip designers and fabs are trustworthy and that the shady stuff happens elsewhere in the supply chain.

            When the designers can’t be trusted, it breaks everything. Up until now it hasn’t been a problem except in extremely sensitive areas like military equipment - only governments can force a company to risk everything by compromising their own products. But take the risk away - make it cheap enough to design new microcontrollers - and what’s to stop a chip designer from taking money from (for example) the Russian mafia? IoT is huge, everywhere, and Risc-V is ideally suited for it.

    • The Hobbyist
      link
      fedilink
      English
      221 year ago

      Do you mean that someone can take the design, place a hardware vulnerability and sell it? Sure, but this does not require RISC V to be possible, there are already vulnerable CPUs sold on the market. People have found such vulnerabilities already in reputable Intel CPUs for example (look up Spectre).

        • @fuckwit_mcbumcrumble
          link
          English
          101 year ago

          iDRAC is specifically designed for remote management of serves. Calling it a back door is silly when it’s more of a front door. It’s how Dell intends for you to manage the server.

          • t0m5k1
            link
            English
            0
            edit-2
            1 year ago

            That’s the same train of thought I had when telnet was declared a back door in huawei devices.

            https://www.theregister.com/2019/04/30/huawei_enterprise_router_backdoor_is_telnet/

            During the hey day I passed hcna-rs, the first thing we were taught was to just use telnet as a means to enable shh, then log back in and disable telnet.

            Moral of the story, do not under estimate a nation state’s use of global tech media to effect a global drop of a product or manufacturer from the market.

          • IHeartBadCode
            link
            fedilink
            -21 year ago

            LUL. So you’re right but one of the horror stories I tell around campfires is how many folks don’t know about that front door.

            So how about we agree to “surprise feature” for iDRAC? And, yes yes, I can feel the “they shouldn’t be admins” coming.

            • ggppjj
              link
              English
              31 year ago

              It has to be enabled, right? So if someone enabling iDRAC doesn’t know that it exists…

    • baduhai
      link
      fedilink
      English
      111 year ago

      Don’t downvote this person, they’re just asking a question.