Meltdown-Spectre: A reminder to the IT industry that security is a mirage Watch Now

Linus Torvalds is not happy about the patches that Intel has developed to protect the Linux kernel from the Spectre and Linux flaws.

In a posting on the Linux kernel mailing list, the Linux creator criticised differences in the way that Intel approached patches for the Meltdown and Spectre flaws. He said of the patches: "They do literally insane things. They do things that do not make sense."

Torvalds added: "And I really don't want to see these garbage patches just mindlessly sent around."

Spectre and Meltdown are design flaws in modern CPUs which could allow hackers to get around system protections on a wide range of PCs, servers, and smartphones, allowing attackers to access data including passwords, from memory. Since the flaws were discovered, the tech industry has been scrambling to fix them before they can be exploited.

However, others on the mailing list took a different view: "Certainly it's a nasty hack, but hey -- the world was on fire and in the end we didn't have to just turn the datacentres off and go back to goat farming, so it's not all bad," said one.

It's not the first time the Linux chief has criticised Intel's approach to the Spectre and Meltdown flaws. Earlier this month, he said: "I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed."



Now read: Cybersecurity in 2018: A roundup of predictions

Torvalds also said that he had decided not to publish the final version of Linux 4.15 this weekend as planned as there was still work to do, and had instead decided to deliver release candidate (RC) nine instead. Torvalds had already warned that the 'Meltdown and Spectre hoopla' might result in another RC being released.

The final version should arrive after this RC, he said.

"I really expect no more delays after this. We've had rc9's before, but they have been pretty rare (the last one was 3.1-rc9 back in 2011 - that release went all the way to rc10, and I really don't think we'll do that this time _despite_ all the CPU bug mitigation craziness)," he said.

Update 23-1-2018: Intel has responded to the comments from Torvalds. "We take the feedback of industry partners seriously. We are actively engaging with the Linux community, including Linus, as we seek to work together on solutions," the company said in a statement.

Recent and related coverage