All this Spectre and Meltdown business

I suspected cache monitoring could be used as a sidechain attack back when Intel was desperately trying to fill the netburst pipeline and make their artificially high clock speeds actually do some work. They got so desperate that they invented hyperthreading…

I’m no CPU arch expert, but I have a few clues; so I let the idea go presuming smarter people than I were on the job.

Turns out I should have considered it more.

Meltdown is a result of being just plain sloppy. Taking shortcuts. Which is kinda what I expect from Intel. They’re the epitome of “measure it with a micrometer, mark it with chalk, cut it with an axe” mentality, and always have been.

Spectre is a bit trickier, but it should have been considered. I ass-u-me(d) that there was true segregation of privilege here…

Renewed my interest in RISC-V, but it still seems like that project is barely moving… Would be nice if these events would light a fire under it, but I doubt it. Anything that comes out of California…

The good news I’ve found; all versions of the Raspberry Pi are immune. They use branch prediction, but not speculative execution. There’s no artifact to analyze.

The XU4s, are, unfortunately, boned.

So, crypto nerds, time to dust off those Pis…

Leave a Reply

Your email address will not be published. Required fields are marked *