Thread time! Why can't they just quickly patch #meltdown or #spectre and push out another cpu? Why could it possibly take years? Why don't they use AGILE or x/y/z? Lots of reasons:
(note: my goal is not to criticize chip manufacturers - it's to defend the constraints they have)
-
-
Failure to provide a way to turn off the unsafe features is what's irresponsible here; if they'd done is the safe & responsible way, a microcode update or even flipping a bit in an already-exposed MSR would have fixed it.
-
I have to believe there's a chicken bit for turning off speculative execution. But why would you want that, when the available OS level fixes probably provide an order of magnitude better performance? Helping that effort is pretty responsible IMHO.
-
There are no OS level fixes for the most serious problem which is P0's "variant 1", and can't be. It doesn't cross OS/cpu privilege domains.
-
Remember the iphone battery deal last month? Imagine the outcry if Intel pushed patches that dropped your cpu to 5 % of it's current performance. I think others might value the trade-off differently from you.
-
They don't have to push a patch to do that. Just expose the MSR and document it and let users do it if they want to.
-
Fair request. I just doubt that anyone would use it...
-
I would, and anyone with security requirements harder than their performance requirements should until they can install suitable replacement hardware.
-
The real issue here is: Users don't care. . For an example how a low level security issue in widespread hw plays out in the real world, look at the mirai bug & bot net in router SW
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.