No announcement yet.

Google Engineer Shows "SESES" For Mitigating LVI + Side-Channel Attacks - Code Runs ~7% Original Speed

  • Filter
  • Time
  • Show
Clear All
new posts

  • #41
    Originally posted by hotaru View Post

    how much did the NSA pay you for that?
    10K per month. Do you want too?


    • #42
      Originally posted by stormcrow View Post
      ... mitigations just make it harder to exploit the problem, not bar exploitation entirely. Right now, that's only certain ARM 32 CPUs, and perhaps MIPS. Even OpenPOWER was hit by Spectre problems though not as badly as Intel's CPUs. I'd really like to see Google's Red Team dig into the POWER 9 CPUs to see if they are a viable, if expensive, alternative for actual security, and not just the market-speak from Talos and IBM.
      Phoronix did a comparison last August (and numerous other times) and IBM publishes information about POWER exploits on their website, it's not only the mitigations but also compiler maturity and architecture performance that determine which company has the most bang for the buck.

      AMD is planning a tweak to its architecture in Milan, and it makes sense that they would fix what they can in the hardware.