The Meltdown flaw is specific to Intel, but Spectre is a flaw in design that has been used by many processor manufacturers for decades. It affects virtually all microprocessors on the market, including chips made by AMD that share Intel’s design and the many chips based on designs from ARM in Britain.
Spectre is a problem in the fundamental way processors are designed, and the threat from Spectre is “going to live with us for decades,” said Mr. Kocher, the president and chief scientist at Cryptography Research, a division of Rambus.
“Whereas Meltdown is an urgent crisis, Spectre affects virtually all fast microprocessors,” Mr. Kocher said. An emphasis on speed while designing new chips has left them vulnerable to security issues, he said.
“We’ve really screwed up,” Mr. Kocher said. “There’s been this desire from the industry to be as fast as possible and secure at the same time. Spectre shows that you cannot have both.”
On Wed, 3 Jan 2018, Chavdar Ivanov wrote:
Any comments in this part of the wood about https://www.theregister.co.uk/2018/01/02/intel_cpu_design_fl ?aw/
I have one. In my world, performance > security. I don't fully understand the internals of the issue. It sounds like some kind of MMU hardware flaw that can't be patched with microcode. The chosen fix appears to be some kind of more software-slanted memory protection.
Nonetheless, as a user, can I get this as an *option* instead of forced down my throat? I didn't pay for my CPUs to turn off a third of it's performance. Ie..
"TAKE_A_BIG_PERFORMANCE_HIT_BECAUSE_SECURITY=true"
That's my only real comment other than "this really sucks for all of us and I hope Intel's stock tanks accordingly." I just spent the last year learning assembler. I'm glad it was 68k not x86.
-Swift