Incidentally, Spectre and Meltdown are making me really grateful I took 6.004 and http://csg.csail.mit.edu/6.S078/6_S078_2012_www/ … at MIT. It's a much more visceral "I could have made that mistake" having actually implemented a branch predictor in Bluespec/Verilog.
Yes, but it's not our job to be making the reliable foundation upon which everything they do depends.
-
-
One thing's for sure though - infosec ppl really should delve into understanding hardware more.
-
I'd say 9/10 serious infosec peeps would respond to "it does speculative loads from speculative addresses" with a "holy fucking W T F ?!?!" and at least 5/10 would find vulns once being aware of that.
-
I think that's hindsight bias talking. https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html … lists references starting from http://www.cs.binghamton.edu/~dima/micro16.pdf … where serious infosec folks broke *parts* of speculative execution without realizing they could actually read data with it.
-
Yes, but that's the complex BTB stuff. "Variant 1" (bounds check bypass) is much more obvious once someone tells you CPUs are doing something that idiotic.