Announcement

Collapse
No announcement yet.

New Spectre Variants Discovered By Exploiting Micro-op Caches

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by Duve View Post
    Spectre and Meltdown where always going to come back given that neither Intel or AMD (or anyone else in the realm of performance computing) can engineer themselves out of the problem without take a massive hit to performance.
    Then you haven't been on tech forums lol. According to people on tech forums, AMD is the holy grail and they can do anything Intel can't and never make mistakes. So surely they will be able to fix Spectre and Meltdown without performance hits. I mean… right?

    Comment


    • #22
      To hell with those researchers.
      I usually respect people and it takes a lot for me to disrespect anyone.

      But ever since new exploits were being made public with a freaking movie trailer is when this field of research totally lost all respect i had for it.

      Comment


      • #23
        Originally posted by ms178 View Post
        My take away: You might just as well run with mitigations=off and enjoy the better performance, there is no security in any current x86 architectures at all.
        Side channels in CPUs are not tied to any specific ISA. The ISA almost has 0 relevance to this.
        ARM CPUs of similar complexity are equally likely to suffer such sidechannels.

        If you prefer you can say that Intel and AMD design teams suck. I'll buy that as an opinion. But not the ISA.

        Comment


        • #24
          It's sad that the world still has douche bags that think it is acceptable to make the world a worse place by tying up valuable talent fixing their evil shit rather than using those talents for adding new features or improving speed. What kind of A hole do you have to be to think developing these exploits is the very best use of your time.

          Comment


          • #25
            Originally posted by skeevy420 View Post

            Why is it when something is exploited it goes into a whitepaper? Why are whites always the exploiters?
            Just thought the same wie should defund those researchs ....or the blackhats never telling us the exploits for obvious reasons

            Comment


            • #26
              Well, now that Moore's law is dead, cpu manufacturers have found a new way to push for costly upgrades, just have some researchers publish new holes to fix that butcher the performance on older chips and force people to upgrade sooner. Call me a conspiracy theorist, i don't care. Both Intel and AMD have shown little care for actually fixing their damn architectures, and it has been years since the first Spectre/Meldown reveals.

              Comment


              • #27
                Originally posted by gigi View Post
                hmm... spectre is back
                it is not going to slow down neither spare anything
                deadlines!!!! i really despise it now.
                Never went away. Mitigations aren't fixes. A fix means there's no way to exploit it because it's ... fixed. The vulnerability no longer exists. Mitigations just (hopefully) close known avenues of attack. The vulnerability still exists. New paths will undoubtedly be found. No we haven't seen the last of speculative side channel attacks on current and future hardware that still use the same flawed performance architectures and why these vulnerabilities cover nearly every modern CPU in existence from ARM64 (including M1), to POWER, to AMD64, and it'll include RISC-V if any mfg decides to do the same flawed performance designs.

                Comment


                • #28
                  Originally posted by Duve View Post
                  Spectre and Meltdown where always going to come back given that neither Intel or AMD (or anyone else in the realm of performance computing) can engineer themselves out of the problem without take a massive hit to performance. I think that it will be some time before the compute industry at large has any answer(s) to those family of bugs without the sacrifice on the alter of speed.
                  By the look of it, I suspect that it will take a set of new architecture to do that.
                  You don't need a new architecture. Intel already has an architecture that is largely immune to Spectre, namely IA64. The Itanium's EPIC (not to be confused with EPYC) model moves the complexity which led to Spectre from the CPU into the compiler instead.

                  Originally posted by ms178 View Post
                  designs more secure products without sacrificing performance.
                  There was an excellent talk by former Intel engineer Gal Diskin at 30C3 (on a slightly unrelated topic) where he addressed this idea. Performance and security are contrary goals. The more you push one, the more the other suffers.



                  Originally posted by birdie View Post
                  OoOE goes hand in hand with Spectre. Period. If you have brilliant ideas how to make OoOE work regardless - all CPU designers are listening to you carefully. In fact Intel, AMD, ARM and Apple will all pay you a billion of dollars to solve the issue.
                  Probably the only solution to avoid this problem entirely is to not use out-of-order execution.

                  Originally posted by milkylainen View Post
                  Side channels in CPUs are not tied to any specific ISA. The ISA almost has 0 relevance to this.
                  ARM CPUs of similar complexity are equally likely to suffer such sidechannels.

                  If you prefer you can say that Intel and AMD design teams suck. I'll buy that as an opinion. But not the ISA.
                  The ISA is certainly conducive to making CPUs complex and susceptible to such problems. If you don't need any micro-OPs then you need no micro-OP cache either. Also the IA64 VLIW-style ISA is targeted squarely at EPIC designs.

                  Comment


                  • #29
                    Originally posted by birdie View Post

                    Please read on Spectre and OoOE, and you won't look stupid You can disable OoOE entirely however that will make CPUs up to a dozen times slower than they are now.
                    I was just speculating, dude. And my Ph.D thesis demands more reading elsewhere.

                    Comment


                    • #30
                      Stop disturbing me, please.
                      I cannot believe it; every day you find an excuse to say "Spectre Variant" and then advertise "MITIGATIONS WITH 100% PERFORMANCE COST"

                      Let me work; thanks.

                      Comment

                      Working...
                      X