Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
garganzol 11 hours ago

For what it's worth, RAM encryption belongs to professional SKUs. It's the right business decision that should have been made from from the very beginning.

For most consumer users, RAM encryption primarily adds power consumption and heat generation while providing little practical benefit. They simply don't face many of the threat vectors and attack scenarios that certain industries and enterprise environments must contend with.

olavgg 10 hours ago | parent | next [-]

I disagree, I play a lot around with enterprise stuff. Its insane that I need to buy enterprise grade hardware that costs 1000x more for lab/experimentation/learning. My only alternative is to wait a few years, and get it from Ebay.

I also believe that a strong reason that Optane pdimm's failed, was that it was only available on enterprise servers so hackers didn't get a chance to play with it and build software that took advantage of this special hardware.

Just look at how specialized Infiniband is, even though its awesome and has some great use cases. If it was a commodity tech, there would be 100x times more applications/software that took advantage of it.

baq 10 hours ago | parent | prev | next [-]

how do you know what threats I face? how do you know what threats journalists and whistleblowers face?

this is approximately the same discussion as with ECC RAM: the benefits vastly outweigh the slight performance loss and die area increases.

bakugo 10 hours ago | parent [-]

ECC passively benefits everyone, even people who don't know what it is or why it's useful. Anyone can be a victim of random bit flips, it's not a targeted threat.

Memory encryption, on the other hand, provides absolutely no benefit to 99.999% of users. If you consider yourself to be such a high value target that you suspect someone might gain physical access to your hardware without your knowledge and carry out extremely sophisticated hardware attacks to extract your data, you are a tiny minority and it makes sense that such niche protections would require buying specialized hardware. Even then, the odds of such an attack being chosen instead of a far less sophisticated software-based approach are also tiny.

Of course, if the hardware itself supports the feature and AMD simply decided to disable it, that's still a shitty thing to do, but let's not pretend that it is in any way comparable to ECC.

akimbostrawman 8 hours ago | parent [-]

Memory encryption can help mitigate much lower level attacks such as row hammer, these attacks get patched even average consumer devices.

No benefit for 99%? people said the same about FDE. Just as there is not a good enough excuse to not validate integrity and availability of data, it is not for confidentiality when its very much technically possible to do so.

15155 2 hours ago | parent [-]

So can scrambling - which is not encryption.

rubyn00bie 11 hours ago | parent | prev | next [-]

This is an absurd take since the referenced chips in the article are all desktop parts, and the power usage is dwarfed by any “modern” (within the last five years) GPU.

There are many people, myself included who opt to use security features like this. All this does is reduce security for folks without any legitimate reason. “Power consumption” is absolutely not a valid excuse to completely disable it.

I’ve been a fan of AMD for a while now but they’re really jumping the shark these days. It’s a real shit situation we’re all in because of the lack of competition in consumer CPUs. I can only hope things like RISCV take off sooner than later.

bflesch 10 hours ago | parent | prev [-]

[flagged]