- Jul 22, 2014
- 2,525
Ever since the Spectre and Meltdown series of security flaws were disclosed, there have been questions about just how secure the modern CPUs we use can be. At the same time, the difference in which companies were exposed to which specific attacks created confusion about just how to weigh the evidence. Or, to put it bluntly — was Spectre really only a problem for Intel, with incidental exposure for other companies?
A group of Google researchers has an answer to this question, and it’s not one people are going to like. We quote:
...
...
A group of Google researchers has an answer to this question, and it’s not one people are going to like. We quote:
The full research is online and while the language and code are dense, the conclusions are not. Modern microprocessors are susceptible to side channel attacks because speculative execution creates openings for these attacks to exist. Branch prediction and speculative execution are often discussed simultaneously, but there are other types of speculation that don’t involve branch prediction. And there’s no way to protect current CPUs from all of the various permutations inherent to all of these attacks.Vulnerabilities from speculative execution are not processor bugs but are more properly considered fundamental design flaws, since they do not arise from errata. Troublingly, these fundamental design flaws were overlooked by top minds for decades. Our paper shows these leaks are not only design flaws, but are in fact foundational, at the very base of theoretical computation.
...
...