![]() This impacted the buyers because to address many of these architectural flaws they were going to have to rip and replace the machines in question. They held off until they got past the holidays and the launch of their new processor family, which having been in the design pipeline was also vulnerable. I remember digging around the ARC cpu database and thinking they were gonna get sued over this stuff. The didn't warn people buying (brand new) equipment with Intel processors of these defects at the time and for months after the fact. The part of the suit that is being heard is centered on cases during the period where Intel clearly had full knowledge that Meltdown was serious bordering on catastrophic, and that the mitigations were going to cause a huge performance hit. You are right, it's Probably both, but thats not the point Spectre looked more nuanced: a side effect of other optimizations. Meltdown to me looked trivial to exploit, just a straight up bug in the design of the pipeline. And it was found that the speculative load occurred before security checks were performed, allowing one to figure out the content of memory that would have been trapped if read directly.ĪIUI the chap who found Meltdown - a Googler straight out of uni - read the Intel soft dev manual, saw the part that said if a branch is taken, the CPU won't execute the instructions that follow immediately after the branch, and thought, 'yeah but I wonder if it does?' Whereas, Meltdown was as simple as placing a load after a branch instruction and seeing if the load was speculatively executed even if the branch was taken. Spectre's a bit different IMHO because while it could be exploited to leak data, it was more like discerning info through instrumentation. ![]() ![]() ![]() IMHO it's possible to argue that Meltdown was a defect because Intel trivially broke one or more of the data security guarantees it gave in its documentation (IIRC, it's been a while so ICBW). ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |