Linus Torvalds he is a legendary figure in the world of computing. Known mainly for being the creator of the Linux kernel, he still holds the reins today, verifying firsthand the work done by the developer community. The announcement of the Linux kernel dates back to 1991 when he, at the age of just 21, published a now famous post on Usenet announcing the project.
Initially conceived as a hobby project, Linux – thanks also to contributions from the Free Software Foundation with the idea of GNU – it has grown to become one of the most used operating systems in the world, powering servers, embedded devices, supercomputers and much more.
In addition to his exceptional technical skills, Torvalds is also known for his grumpy character and cutting comments. This personality trait has generated controversy over the years, with criticism from some members of the tech community accusing him of being too harsh and undiplomatic towards collaborators and contributors to the Linux project. One of the most heated clashes involved Torvalds and a Google employee at the beginning of 2024.
Side-channel attack in processors: RISC-V will not be immune to any problems according to Linus Torvalds
The interview given a few days ago to Dirk Hohndel, one of the developers of the “early” Linux kernel, during a summit organized in Seattle by the Linux Foundation, allows us to get a rather precise idea of Torvalds’ thoughts on the latest IT news.
Side-channel attacks in processors are commonplace and require continuous interventions also at the level of the Linux kernel to mitigate their effects on the security level. safety. He also cited the recent discovery of the Specter v2 vulnerability as “frustrating.”
The “king” of the Linux kernel admitted: “we have five generations of hardware that we can’t fix after the fact, and it will be another couple of years before new hardware is available that can help fix the root problem“.
Torvalds says RISC-V will face similar problems to those faced by x86 and ARM architectures
The approach open hardwarefor example the one proposed by RISC-V, an architecture that is defined by many as the solution capable of overcoming both x86 and ARM, because it is free from the heavy “burden” gradually inherited by both ISAs (Instruction Set Architecture), does not entirely convince Torvalds. While legendary chip designer Jim Keller is betting big on RISC-V, Torvalds claims the following: “my fear is that RISC-V will make the same mistakes that everyone else has made before… When RISC-V becomes a larger and more widely deployed platform, they will have all the same problems that the x86 and ARM side experienced. And it will take a few generations before they admit they haven’t thought about a specific issue“, with many people who in the meantime have abandoned the project.
But if the hardware is developed with an open framework, won’t it be easier for developers to avoid running into the mistakes of the past again? “There’s a pretty big gap even between Verilog (standard hardware description language, ed.) and the kernel“ Torvalds noted, adding that by working much higher up the stack, even further away from the hardware, you have very little idea of how things work at the bottom of the stack.
The concept of trust (trust) in software development
The problems, however, do not arise only from the hardware architecture but increasingly also affect the software supply chain. We were forcefully reminded of this by the backdoor added in the XZ Utils, popular data compression libraries widely used in the main Linux distributions.
Torvalds admits that no one is exempt from these incidents, neither open nor proprietary software. And he recalls an event dating back to 2021 when a group of researchers from the University of Minnesota demonstrated how easy it would be to carry out the loading incorrect patches (potentially containing malicious code) within the Linux kernel.
It’s all about the trust concept: trust in a company, in its managers and vice versa, in its employees, in its collaborators. The same thing can be said when talking about projects open source.
According to Torvalds, a lot of work will need to be done on this aspect by automatically activating “alarm bells” when, for example, a contribution arrives from an unknown person or when a member of the community begins to behave anomalously. The key is being able to count on a “healthy community”.
Artificial intelligence and open source: a potentially winning combination, according to Torvalds
Contrary to the comments many might have expected, Torvalds did not stigmatize the negative aspects ofartificial intelligence. “My personal opinion is: let’s wait 10 years and see where AI will actually go before making crazy announcements like <
Regarding the relationship between AI and software programming, Torvalds says he is largely optimistic. The most advanced solutions based on modern generative models will allow locate bugs and solve them more easily than in the past. “Making tools smarter isn’t a bad thing“, he added.
In short, we have seen that models like GPT-4 can generate working exploit codes. This is certainly true, but at the same time AI will allow us to automate the scanning of security issues and the margins for code optimization that often escape human verification.
His frankness and direct style have become something of a Torvalds trademark, drawing admiration from some for his authenticity and honesty. Other observers, however, continue to judge Torvalds as excessively critical and intransigent. Despite his fiery temper, Torvalds remains a respected and admired figure in the world of computing, recognized for his extraordinary contribution to the dissemination and development of open source software, as well as an advocate of free software.
Opening image credit: Copilot Designer.