On Fri, Jan 22, 2010 at 8:05 AM, Manuel Ravasio <manuelrava...@yahoo.com> wrote: > May I ask why is i386 considered "hardware insecure"? > Can anyone point me to some documentation on the issue?
I think it's 10% true and 90% meme. You want to sound like the cool kids, so you make vague claims that sound knowledgeable. It's like nobody wants to say perl is useful, because then the cool kids will point and laugh and say "That's just because you're too stupid to know python." Some concrete issues: Little control over writable/executable memory. OpenBSD solved this with segments, but it's not perfect. Lack of IOMMU means rogue devices can cause havoc. WTF are you running rogue devices? Unaligned crazy instruction set makes writing exploits easier. Wasn't designed for virtualization. Doesn't affect you if you don't use it. Shared kernel/userland address space. I think it comes down to x86 doesn't do as much to save you from broken software as some other architectures. This doesn't by itself make it insecure, you need to be running insecure software too.
