Vulnerable Design Patterns

An ‘improved’ operation defeats security.

“Clearly adding a new operation to an ISA is an improvement. All of the old code works and new code is possible.”

Alas new code by the bad guys is also possible. There is a unconscious notion that if only all the code on your machine were benign all problems would vanish. There is the unstated notion that the only defense is to be sure that there is no bad code on your machine; that is infeasible. (But of course they still want auto-run.)

Foxconn ‘Improvement’ the code