Pretty sure insider-types have been making ominous statements to the effect that they expect many more performance-harming exploits/mitigations to appear... Scary to think there may well be more bad news of this nature in the pipeline. Also to anyone saying how great this is for AMD, consider this: if you're a security researcher that's uncovered a new class of exploit in, let's say, mid 2017, the obvious platform to code your proof-of-concept exploit for is Intel. This is like saying that linux is more secure because it has less desktop malware in the wild... basically your status as a minority platform provides a relative disincentive to attackers. It's pretty clear that Intel's market-share will not continue as it has in the past, and not only because of the these security issues. IME it's a safe bet that similar exploits will appear for Zen targets sooner or later, and AMD has been wise not to seize this window of opportunity to make sweeping claims about their hardware being free from security flaws.
Finally, to whomever said Intel was cheating, nobody is saying that so far as I know (at least, not about Spectre/Meltdown). This isn't purported to be about cheating, but about performance enhancing features of modern desktop/server platforms that leaked information in ways so subtle that nobody thought of it until now. It would be somewhat scammy if Intel/AMD knew about these issues all along, but chose to suppress that information, rather than develop mitigations. I have not heard any allegations to that effect, and even if such accusations emerged, so long as the exploits in question remained theoretical, I would still take them with a grain of salt.
Finally, to whomever said Intel was cheating, nobody is saying that so far as I know (at least, not about Spectre/Meltdown). This isn't purported to be about cheating, but about performance enhancing features of modern desktop/server platforms that leaked information in ways so subtle that nobody thought of it until now. It would be somewhat scammy if Intel/AMD knew about these issues all along, but chose to suppress that information, rather than develop mitigations. I have not heard any allegations to that effect, and even if such accusations emerged, so long as the exploits in question remained theoretical, I would still take them with a grain of salt.
Comment