Follow

Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks arxiv.org/abs/2008.02307

@brion @yogthos Okay I reposted that mainly because The Onion's Kelley comics are just the perfect satire of conservative political cartoons

@yogthos who's taking betting odds on whether WebAssembly loses threading again over this

@yogthos ok so my reading of the paper is that the sky is *not* falling, and existing Spectre mitigations cover all the cases described.

It's a re-analysis of some earlier prefetch vulnerabilities as actually being Spectre variants, which caused prefetching in a syscall using bad data.

Some of the original mitigations for those vulns only worked by accident by shuffling registers, and can be retired in favor of using the Spectre mitigations which are already in use.

@mhoye This has seriously been my desktop background for at least a year.

@yogthos "While we confirm the empirical results of previous papers, we show that the attribution to a prefetching mechanism is fundamentally incorrect in all previous papers describing or exploiting this effect. In particular, neither the prefetch instruction nor other user-space instructions actually prefetch kernel addresses into the cache, leading to incorrect conclusions and ineffectiveness of proposed defenses."

O O F
Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!