Sujet : Re: Another security vulnerability
De : tkoenig (at) *nospam* netcologne.de (Thomas Koenig)
Groupes : comp.archDate : 25. Mar 2024, 07:37:31
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <utr63b$u40q$1@dont-email.me>
References : 1
User-Agent : slrn/1.0.3 (Linux)
Stephen Fuld <
sfuld@alumni.cmu.edu.invalid> schrieb:
https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/
It's Groundhog Day, all over again!
So, is there a way to fix this while maintaining the feature's
performance advantage?
From what is written in the article, nothing is currently known.
For new silicon, people could finally implement Mitch's suggestion
of not committing speculative state before the instruction retires.
(It would be interesting to see how much area and power this
would cost with the hundreds of instructions in flight with
modern micro-architectures).
For existing silicon - run crypto on efficiency cores, or just
make sure not to run untrusted code on your machine :-(