Spectre NG - ... "but wait, there's more"

AMD rebuilt an entire architecture in 5 years. No reason Intel can’t do it.

2 Likes

Amusingly enough, architecture is not Intel’s strong suit, but regardless, the issue is that like AMD, you can expect such a re-design to require multiple years of lack of outward progress and some luck to accomplish.

Keep in mind we have no example of a multi-scalar, OOE processor architecture to-date that is immune to this sort of exploit. We are on the front end of fully understanding what this means.

I think we should realistically expect incremental improvements by Intel in coming releases that don’t fully address the issue and we should expect exploits not even identified to continue to flow in. Each new generation will include more and more hardening.

It speaks to AMD’s accomplishment that they made such a big change AND managed to make it perform well AND made it scale to future improvements and process as demonstrated by Zen+ … but note that they still were exposed to various Spectre-class exploits and we can expect them to suffer from future exploits as well.

All of that speaks to the task at hand for Intel. This is not an easy ask. Frankly, Intel without people like Jim Keller was not the best company to do it (to put it lightly) and with him and others faces enormous IP and R&D obstacles assuming Keller was even going to work on this - which outward indications suggested he was not slated for such things…

1 Like

“Also, the company has noted that Zen 2 Architecture will be immune to Spectre and Meltdown security flaws, Not only that, the company is confident that ZEN 2 CPUs will not only be immune to these flaws but will be secure from any potential security exploit in the future.”

“Furthermore, AMD is not the only one making changes to the architecture of their CPUs as Intel has promised a hardware fix for its processors that will roll out in 2019.”

Both companies claim they will be Spectre free as early as next year. Time will tell.

1 Like

Wow, “secure from any potential security exploit in the future”. Sounds legit.

And again, it isn’t difficult to make your CPU immune to branch prediction attacks, you can simply turn off branch prediction. But that murders performance, so the kicker is protecting against these attacks while also minimizing the performance impact.

1 Like

That’s just buzzwords and PR speak. Don’t take it too seriously.

Except this wasn’t a quote from AMD in the article. I’d like to see where they say that, because no way would they be so overconfident. This is the only relevant quote (all their links link back to their own articles):

“Longer term, we have included changes in our future processor cores, starting with our Zen 2 design, to further address potential Spectre-like exploits. We continue to collaborate closely with the industry on these vulnerabilities, and are committed to protecting AMD users on these and other security threats, as they arise.”

From their own linked article:

“For Spectre variant 1, we continue actively working with our ecosystem partners on mitigations, including operating system packages that have begun to roll out. We continue to believe that variant 2 of Spectre is difficult to exploit on AMD processors. However, we are deploying CPU microcode packages that in combination with operating system patches, provide additional mitigation steps.”

Nothing about “exploit proof.”

This is the internet, surely you don’t expect me to read the source article!

1 Like

That’s the fun part, there isn’t a source! Irritating to say the least. Looks a lot more like editorializing.

1 Like

I just remember it being mentioned in a Hardware Unboxed news corner, or maybe a GN News thing, and took the first article I found mentioning it from the old gargler.

Hey Intel might get their manufacturing process back on track to release some new chips next year in time for Spectre-DS9 :slight_smile:

1 Like

Spectre V3a and V4 are official. That is two out of the eight on the Spectre NG list.


Here are the official statements from ARM, Intel and AMD.

https://www.amd.com/en/corporate/security-updates#paragraph-290416

Patches coming soon™.


Here is a Red Hat video on how V4 works:

2 Likes

The actual v4 news:

https://bugs.chromium.org/p/project-zero/issues/detail?id=1528

2 Likes

AMD’s guidance to that involves setting a single MSR bit as a fix:

But LFence is still the recommended mitigation.

4 Likes
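
To check whether a V4 (Speculative Store Bypass) mitigation has actually reached a given Linux host, the kernel's sysfs vulnerability entries can be read and classified. This is an added example, not code from any poster in this thread or from a CPU vendor; the function names and the status set written by `make_sample` are constructed for illustration.

```shell
# Summarise the Linux kernel's view of speculative-execution mitigations from
# /sys/devices/system/cpu/vulnerabilities (spec_store_bypass = Spectre V4).

# classify_status "<file contents>" -> ok | exposed | unknown
classify_status() {
    case "$1" in
        "Not affected"*|"Mitigation:"*) echo ok ;;
        "Vulnerable"*)                  echo exposed ;;
        *)                              echo unknown ;;
    esac
}

# audit_dir DIR: print "<name> <class> <raw status>" per entry; returns 1 if any is not ok.
audit_dir() {
    rc=0
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        status=$(cat "$f" 2>/dev/null) || status=""
        class=$(classify_status "$status")
        printf '%-20s %-8s %s\n' "${f##*/}" "$class" "$status"
        [ "$class" = ok ] || rc=1
    done
    return "$rc"
}

# v4_state DIR: class of the V4 entry; "missing" means the kernel does not report it.
v4_state() {
    if [ -r "$1/spec_store_bypass" ]; then
        classify_status "$(cat "$1/spec_store_bypass")"
    else
        echo missing
    fi
}

# make_sample DIR: constructed sample of a host patched for V1/V2 but not V4.
make_sample() {
    mkdir -p "$1"
    echo "Mitigation: __user pointer sanitization" > "$1/spectre_v1"
    echo "Mitigation: Full generic retpoline" > "$1/spectre_v2"
    echo "Vulnerable" > "$1/spec_store_bypass"
}

live=/sys/devices/system/cpu/vulnerabilities
if [ -d "$live" ]; then
    audit_dir "$live" || echo "review the entries not marked ok"
else
    d=$(mktemp -d) && make_sample "$d" && audit_dir "$d"; rm -rf "$d"
fi
```

A `missing` result from `v4_state` means the running kernel predates the V4 patches, which is a different remediation (kernel update) from `exposed` (kernel aware, mitigation not active).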

Sitrep:

2 Likes

This party don’t stop hoppin’!

http://www.openwall.com/lists/oss-security/2018/06/13/7

Is there a new embargoed bug?

Si, si señor. Actually a bit controversial as it seems Intel froze FreeBSD out of the notification process again.

Interestingly, reports are this will not impact modern Linux at all as it hasn’t done lazy FPU switching on the CPU since like 2016. So while the potential danger of this bug is huge, as you use the FPU for stuff like AES to store encryption values, the performance impact from fixing it shouldn’t be too bad. So you will definitely need to patch it, and that will be a lot of work and suck, but it won’t hurt to swallow like Meltdown and Spectre.

Of course, all the above could be complete bullshit as we’re speculating about a still-undisclosed bug.

2 Likes

…It’s crazy to imagine that within all the bugs there is actually a working CPU :smiley:

How hard is it to get this right? At this point, you have to ask if they’re doing this on purpose.

Well, glad to hear that it’s fixed, without (speculatively) a huge performance hit.

The big question is are these bugs deliberate (NSA backdoor assistance that has taken 15-20 years to discover by chance) or not.

Because IMHO, Meltdown (specifically) is brain damaged stupid - running code (even speculatively) prior to verifying permission to execute and just hoping you back the state out properly.