1938: "Meltdown and Spectre"

This forum is for the individual discussion thread that goes with each new comic.

Moderators: Moderators General, Prelates, Magistrates

Kludgy
Posts: 10
Joined: Sat Aug 26, 2017 11:45 pm UTC

1938: "Meltdown and Spectre"

Postby Kludgy » Fri Jan 05, 2018 5:24 pm UTC

Image
Title text: New zero-day vulnerability: In addition to rowhammer, it turns out lots of servers are vulnerable to regular hammers, too.

Scary flaw going on here with chips, I don't think my computer's affected, though
Last edited by Kludgy on Fri Jan 05, 2018 6:27 pm UTC, edited 2 times in total.

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3491
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 1938: "????"

Postby Soupspoon » Fri Jan 05, 2018 5:37 pm UTC

They happen when they happen. Friday is often much earlier than Monday or Wednesday, but need not be. We must flow with the currents and bend in the breeze.

I predict either that this thread will be deleted, shortly, or else folded into a suitable generic-chatter subforum thread (though I don't think there is one, nor maybe should there be - that'd be up to TPTB to arrange or allow). Especially because (otherwise) one could see people "First post!"ing each comic without even that comic yet being published yet. Would be a horrible precedent.

(My apologies to mods for making assumptions on their behalf, and perhaps improperly deigning to do their job for them. Just thought a quick word in the open, even if later deleted, might help more than a PM to the OP alone. Please remove and replace with your own guidances, especially if it's better. Like "read the stickies!", probably… )

Kludgy
Posts: 10
Joined: Sat Aug 26, 2017 11:45 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby Kludgy » Fri Jan 05, 2018 6:28 pm UTC

Comic is up now.

User avatar
Pfhorrest
Posts: 4797
Joined: Fri Oct 30, 2009 6:11 am UTC
Contact:

Re: 1938: "Meltdown and Spectre"

Postby Pfhorrest » Fri Jan 05, 2018 6:31 pm UTC

I fail to see what moral dilemmas like the Trolley Problem have to do with speculative execution.
Forrest Cameranesi, Geek of All Trades
"I am Sam. Sam I am. I do not like trolls, flames, or spam."
The Codex Quaerendae (my philosophy) - The Chronicles of Quelouva (my fiction)

Hiferator
Posts: 81
Joined: Fri Feb 15, 2013 8:23 am UTC

Re: 1938: "Meltdown and Spectre"

Postby Hiferator » Fri Jan 05, 2018 7:38 pm UTC

Pfhorrest wrote:I fail to see what moral dilemmas like the Trolley Problem have to do with speculative execution.

I think he just liked the phantom trolleys armed with hammers image.

Caesar
Posts: 61
Joined: Fri Oct 24, 2008 12:34 am UTC
Location: Germany

Re: 1938: "Meltdown and Spectre"

Postby Caesar » Fri Jan 05, 2018 7:51 pm UTC

Pfhorrest wrote:I fail to see what moral dilemmas like the Trolley Problem have to do with speculative execution.

Me too.

teelo
Posts: 760
Joined: Thu Apr 08, 2010 11:50 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby teelo » Fri Jan 05, 2018 7:54 pm UTC

Oh, you, OP...

Don't start a blank thread just to be first. Not only is it a tiny bit pathetic, it's also annoying. Complete your thread before submitting it.

sotanaht
Posts: 210
Joined: Sat Nov 27, 2010 2:14 am UTC

Re: 1938: "Meltdown and Spectre"

Postby sotanaht » Fri Jan 05, 2018 8:45 pm UTC

I'd love to see how someone uses a hammer to exploit a server vulnerability. You can destroy the server, but that doesn't get you any access at any level. Hammers might be effective in exploiting the human element though.

Besides, there's the old adage "physical access is total access". If someone is able to bring a hammer to a server, they will most likely be able to do whatever the hell they want with that server, regardless of the hammer.

User avatar
Jorpho
Posts: 6197
Joined: Wed Dec 12, 2007 5:31 am UTC
Location: Canada

Re: 1938: "Meltdown and Spectre"

Postby Jorpho » Fri Jan 05, 2018 8:59 pm UTC

Wasn't there an XBox 360 exploit that worked by hitting the CPU with a big voltage spike? Was that ever developed into a practical modchip?

ETA: Oh, I guess they call it the "reset glitch" now.

Kit.
Posts: 1079
Joined: Thu Jun 16, 2011 5:14 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby Kit. » Fri Jan 05, 2018 9:43 pm UTC

Pfhorrest wrote:I fail to see what moral dilemmas like the Trolley Problem have to do with speculative execution.

That depends on the approach.

Philosophically, it has nothing. Practically, it has a lot. Humans have a kind of speculative execution, too, and that can also be hacked by timing.

fluffysheap
Posts: 34
Joined: Sat Sep 28, 2013 7:53 am UTC

Re: 1938: "Meltdown and Spectre"

Postby fluffysheap » Fri Jan 05, 2018 9:48 pm UTC

I think this, like rowhammer, shows mostly that we are getting sufficiently good at software security that attackers have to exploit the hardware. The problem of course is that hardware isn't quite as easy to fix as software. Sometimes you can, like meltdown, and sometimes you can't, like rowhammer. (except by replacing it).

Kit.
Posts: 1079
Joined: Thu Jun 16, 2011 5:14 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby Kit. » Fri Jan 05, 2018 10:15 pm UTC

fluffysheap wrote:I think this, like rowhammer, shows mostly that we are getting sufficiently good at software security that attackers have to exploit the hardware.

Actually, Heartbleed is only about 2 months older than rowhammer.

fluffysheap wrote:The problem of course is that hardware isn't quite as easy to fix as software. Sometimes you can, like meltdown, and sometimes you can't, like rowhammer. (except by replacing it).

You can (kinda) fix rowhammmer with firmware updates, for example, by increasing DRAM refresh rates.

User avatar
Rombobjörn
Posts: 145
Joined: Mon Feb 27, 2012 11:56 am UTC
Location: right between the past and the future

Re: 1938: "Meltdown and Spectre"

Postby Rombobjörn » Fri Jan 05, 2018 10:51 pm UTC

Humans just suck at computers. That sums up the entire industry rather well – both hardware and software.

User avatar
Xenomortis
Not actually a special flower.
Posts: 1420
Joined: Thu Oct 11, 2012 8:47 am UTC

Re: 1938: "Meltdown and Spectre"

Postby Xenomortis » Fri Jan 05, 2018 11:40 pm UTC

Kit. wrote:
fluffysheap wrote:I think this, like rowhammer, shows mostly that we are getting sufficiently good at software security that attackers have to exploit the hardware.

Actually, Heartbleed is only about 2 months older than rowhammer.

Who needs hardware exploits when you only have to press backspace 28 times?
http://hmarco.org/bugs/CVE-2015-8370-Gr ... ypass.html - disclosed over a year after Heartbleed and Rowhammer were.

What surprises me is how old these vulnerabilities are:
Rowhammer can be applied to DDR3 chips from 2012 onwards, so that only took two years for the paper to surface.
Heartbleed was also introduced in 2012, with discovery also two years later.
But every CPU made by Intel with out-of-order speculative execution has been reported as potentially vulnerable to Meltdown - that goes back to the Pentium Pro from 1995.
Presumably the Spectre vulnerability also has a similar vintage, depending on branch-prediction (the first Pentium was 1993?).
(For reference, the Grub2 backspace bug went undiscovered for 6 years).
Image

User avatar
ucim
Posts: 6408
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 1938: "Meltdown and Spectre"

Postby ucim » Sat Jan 06, 2018 12:59 am UTC

Pfhorrest wrote:I fail to see what moral dilemmas like the Trolley Problem have to do with speculative execution.
Where's my vitssagen when I need it??

I'm losing faith in the "many eyes make all bugs shallow" adage, and replacing it with the on-boot mantra: "these are not the bugs you're looking for".

Jose
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

User avatar
Opiboble
It's Machine Code.
Posts: 690
Joined: Fri Mar 29, 2013 4:50 pm UTC
Location: Alaska, were the outside is always calling...

Re: 1938: "Meltdown and Spectre"

Postby Opiboble » Sat Jan 06, 2018 2:24 am UTC

Rombobjörn wrote:Humans just suck at computers. That sums up the entire industry rather well – both hardware and software.

Once upon a time there was some really smart humans who figured out how to get rocks to think by trapping lightning into things, and then some other humans who where really smart but not the same kind of smart started making the rock smaller and smaller. To be efficient though the humans who managed the smart humans started to make them work in parallel to make the rocks think in parallel, as well as have memories. But the problem was that the manager humans didn't want to smart humans to talk to each other (smart human uprising potential, got to keep them isolated) so when it all came together issues arose that no one saw coming.

Plus side is third-party smart humans have figured out that there is an issue... It comes down to some parts of the whole are smarter then the rest, but they (smart humans) are kept isolated for safety reasons and don't get to see the whole typically. That is why Google/Alphabet is dangerous, they are not working on AI they are just exposing the smart humans to external stimuli and larger data sets.
Sea1(Big) River2(Small) Tree3(Neat) Camp4(Old) River5(Pretty Neat) Place6(beautiful & empty) Found7(Ribbit) Bigtree8(It knows)
Tools of the OTT and OTC:
Map-Newpix Viewer-OTT Stats-Vytron Comic Sciscitor graphs

Mikeski
Posts: 1019
Joined: Sun Jan 13, 2008 7:24 am UTC
Location: Minnesota, USA

Re: 1938: "Meltdown and Spectre"

Postby Mikeski » Sat Jan 06, 2018 3:17 am UTC

Rombobjörn wrote:Humans just suck at computers. That sums up the entire industry rather well – both hardware and software.

Humans just suck at understanding large systems of any sort.

Hundreds or thousands of very very smart humans, chosen for their ability to do their job, don't get things right, even in their one narrow purview.

But every {2,4,6} years, we take a few hundred not-as-smart humans, chosen for their ability to speak well and look nice on camera*, and give them control over every aspect of our lives.

And we expect that to turn out well.

* - and, recently, the ability to keep their genitals under a minimum level of control

User avatar
MarkGyver
Posts: 32
Joined: Sun Nov 09, 2008 6:56 am UTC

Re: 1938: "Meltdown and Spectre"

Postby MarkGyver » Sat Jan 06, 2018 4:12 am UTC

Kludgy wrote:I don't think my computer's affected, though


Which type of CPU does it use?

spectreattack.com wrote:In particular, we have verified Spectre on Intel, AMD, and ARM processors.
Generation 0: The first time you see this, copy it into your signature and change it so that it looks like you inspired this signature. Social experiment.

Kludgy
Posts: 10
Joined: Sat Aug 26, 2017 11:45 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby Kludgy » Sat Jan 06, 2018 4:57 am UTC

MarkGyver wrote:
Kludgy wrote:I don't think my computer's affected, though


Which type of CPU does it use?

spectreattack.com wrote:In particular, we have verified Spectre on Intel, AMD, and ARM processors.

I wasn't able to confirm the actual CPU (but it might be an Intel, like everyone else). Are there any symptoms shown with computers?

User avatar
gmalivuk
GNU Terry Pratchett
Posts: 26440
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There
Contact:

Re: 1938: "Meltdown and Spectre"

Postby gmalivuk » Sat Jan 06, 2018 5:16 am UTC

Kludgy wrote:
MarkGyver wrote:
Kludgy wrote:I don't think my computer's affected, though

Are there any symptoms shown with computers?

No.
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

RogueCynic
Posts: 385
Joined: Sun Nov 22, 2009 10:23 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby RogueCynic » Sat Jan 06, 2018 5:23 am UTC

Does the Phantom Trolley have to pass through the Phantom Tollbooth, or does it use a Speed Pass?

Mikeski wrote:
Rombobjörn wrote:Humans just suck at computers. That sums up the entire industry rather well – both hardware and software.

Humans just suck at understanding large systems of any sort.

Hundreds or thousands of very very smart humans, chosen for their ability to do their job, don't get things right, even in their one narrow purview.

But every {2,4,6} years, we take a few hundred not-as-smart humans, chosen for their ability to speak well and look nice on camera*, and give them control over every aspect of our lives.

And we expect that to turn out well.

* - and, recently, the ability to keep their genitals under a minimum level of control


Actually, humans just suck.
I am Lord Titanius Englesmith, Fancyman of Cornwood.
See 1 Kings 7:23 for pi.
If you put a prune in a juicer, what would you get?

User avatar
orthogon
Posts: 2936
Joined: Thu May 17, 2012 7:52 am UTC
Location: The Airy 1830 ellipsoid

Re: 1938: "Meltdown and Spectre"

Postby orthogon » Sat Jan 06, 2018 12:19 pm UTC

RogueCynic wrote:Actually, humans just suck.

I'm going to have to stick up for humanity here. Humans a freaking awesome, but we've created things, by working together, that none of us can fully understand. We come up with incredibly clever things, but there are unforeseen and unintended consequences from time to time. These lead us to come up with even cleverer things in response. We should remember that it was humans, not AIs, gods or aliens, who identified these vulnerabilities.

I do have sympathy for the view that the software we create has already become too complex for our puny brains to understand, such that I have to put up with bugs on my windows PC that probably nobody could explain. But software engineering is a relatively young field and this might be just another problem for us to solve. After all, cathedrals used to fall down all the time until we figured out how to build them safely. We're already building software a little better than those medieval architects, but 60-70 years isn't a long time in human history.
xtifr wrote:... and orthogon merely sounds undecided.

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3491
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 1938: "Meltdown and Spectre"

Postby Soupspoon » Sat Jan 06, 2018 3:47 pm UTC

MarkGyver wrote:
Kludgy wrote:I don't think my computer's affected, though


Which type of CPU does it use?

spectreattack.com wrote:In particular, we have verified Spectre on Intel, AMD, and ARM processors.


What about Rockwell?

Spoiler:
IMG_20180106_082546.jpg

(Bad lighting, yeah. It's in a bit of a cubby-hole. And I got hit by the same orientation 'correction' issue as I talked about elsewhere. :P)

Kit.
Posts: 1079
Joined: Thu Jun 16, 2011 5:14 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby Kit. » Sat Jan 06, 2018 5:38 pm UTC

orthogon wrote:Humans a freaking awesome, but we've created things, by working together, that none of us can fully understand.

I'd say this is true for any social animal, because it's a prerequisite of an evolutionarily stable society.

...well, it might be not true for societies that develop so fast that they never come close enough to their current Pareto optimality, even when their members understand where the current Pareto optimality is. But that's not really a biological evolution anymore.

wumpus
Posts: 531
Joined: Thu Feb 21, 2008 12:16 am UTC

Re: 1938: "Meltdown and Spectre"

Postby wumpus » Sun Jan 07, 2018 12:29 am UTC

Xenomortis wrote:
Kit. wrote:
fluffysheap wrote:I think this, like rowhammer, shows mostly that we are getting sufficiently good at software security that attackers have to exploit the hardware.

Actually, Heartbleed is only about 2 months older than rowhammer.

Who needs hardware exploits when you only have to press backspace 28 times?


Show me a computer secured from attacks from a hacker with physical access to the computer and I'll show you a computer that has been blasted by putting mains across the power input [also that shows just how nasty BADUSB can be (although I think BADUSB has to be custom crafted (out of say a raspberry pi instead of just an infected USB drive)).

Humans can make computers that can avoid all of this. They just won't be very fast, and they will be extremely expensive. And there will be some annoying cases that they just can't do (like survive direct contact with a malicious hacker. Or come up with a good replacement for passwords).

There was a book written long ago about "the mythical man month" which described all the problems with building highly complex systems (in that case building computers and writing operating systems [it might not have even touched on the hardware]). In the end (and later when a new afterward was written) the claim was there were "no silver bullets" to make humans suck less at this type of thing. I would argue that this is wrong, that we have a plethora of silver bullets and to prove it I suggest comparing any modern OS to OS/360 [the subject of the book] and comparing complexity. The problem is that writing software/building systems that can be constructed with those "silver bullets" is what mathematicians call "a previously solved problem" and economically lets you compete with the used market. The market always demands more, in the realms where no silver bullets exist yet.

PS: I think IBM Power 6 and sufficiently decrepit [in order/32 bit] ARM chips are safe. Maybe some of the earliest Intel Atoms. AMD chips are supposed to be "mostly safe", there are weaknesses but nobody has managed to create an exploit (and Intel has a lot of money, smart people, and would love to have one).

flymousechiu
Posts: 26
Joined: Fri Apr 04, 2014 11:19 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby flymousechiu » Sun Jan 07, 2018 1:14 am UTC

honestly, i half expected a heartbleed type explanation. saddened by this comic, i sort of made one up

You: if the first bit of the other process' password is 0, tell me what is 1+this slip of paper, else, tell me what is factorial(floor(e^(sqrt(50)/3)))+this slip of paper

0: CPU: I'm not telling you. *examines the piece of paper*
1: CPU: I'm not telling you. *thinks for 10 seconds, then examines the piece of paper*

edit: fixed odering

rmsgrey
Posts: 3409
Joined: Wed Nov 16, 2011 6:35 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby rmsgrey » Sun Jan 07, 2018 1:34 pm UTC

A recurring problem in computer security (and computing in general) is that most hardware and software is designed to work when used correctly, with the tacit assumption that anyone trying to use it is going to do so in good faith and with at least a minimal degree of competence and understanding. Then it gets into the hands of users, and they do all kinds of crazy stuff that the original designers never thought anyone might do, so unexpected things happen.

A system designed from the start to not do things it shouldn't rather than to do things it should is going to be less efficient at doing things generally (though by the time the other system's had patches stuck all over it to plug the security holes and remove the bugs, it'll probably be even less efficient), but will also be less prone to surprises...

User avatar
orthogon
Posts: 2936
Joined: Thu May 17, 2012 7:52 am UTC
Location: The Airy 1830 ellipsoid

Re: 1938: "Meltdown and Spectre"

Postby orthogon » Sun Jan 07, 2018 4:05 pm UTC

Kit. wrote:
orthogon wrote:Humans a freaking awesome, but we've created things, by working together, that none of us can fully understand.

I'd say this is true for any social animal, because it's a prerequisite of an evolutionarily stable society.

...well, it might be not true for societies that develop so fast that they never come close enough to their current Pareto optimality, even when their members understand where the current Pareto optimality is. But that's not really a biological evolution anymore.

Indeed; I hadn't considered how it's a result of being a social animal per se, and your knowledge of Economics is much better than mine, but I was definitely thinking that it's probably inevitable that an intelligent species will eventually build things that are beyond their own comprehension. That's why we shouldn't beat ourselves up about it. Superintelligent aliens would probably get themselves into the same pickle.
xtifr wrote:... and orthogon merely sounds undecided.

DavidWH
Posts: 1
Joined: Sun Jan 07, 2018 7:19 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby DavidWH » Sun Jan 07, 2018 7:32 pm UTC

Current CPUs do not actually speculate both sides of a branch. Wikipedia calls this "eager execution" and if they did, then CPUs would not need branch prediction. Eager execution has a greater cost than branch prediction so the later is preferred.

Instead a phantom trolley runs ahead down the predicted side of each branch hammering everything and if the real trolley takes the same side of the branch, then the phantom trolley becomes the real trolley. The exploits involve deliberately sending the phantom trolley down the wrong side of a branch.

Mikeski
Posts: 1019
Joined: Sun Jan 13, 2008 7:24 am UTC
Location: Minnesota, USA

Re: 1938: "Meltdown and Spectre"

Postby Mikeski » Sun Jan 07, 2018 11:00 pm UTC

rmsgrey wrote:A recurring problem in computer security (and computing in general) is that most hardware and software is designed to work when used correctly, with the tacit assumption that anyone trying to use it is going to do so in good faith and with at least a minimal degree of competence and understanding. Then it gets into the hands of users, and they do all kinds of crazy stuff that the original designers never thought anyone might do, so unexpected things happen.

Also a problem outside of computing. A few people playing defense, versus the rest of humanity playing offense--or just milling around incompetently, not even realizing they're in the game--will never favor the defense.

You can have the best information-age technology defending your home, but anyone with Neanderthal technology can get in: a medium-sized rock to chuck through a window, possibly conveniently provided by your own landscaping. By the time you're safe from everything like that, you've basically decided to live in a prison. (See also: the TSA literally searching my arthritic 70-year-old mother's carry-on bag last year... to keep the interstate transport of a two-week supply of her prescription drugs from causing the next 9/11, or something...)

This is true for everything from street crime to epidemic disease to tax law to nuclear war. ("Mutually Assured Destruction" was a case of no neither user ever doing the unexpected; one of those rule-proving exceptions. So far, anyway.)

A system designed from the start to not do things it shouldn't rather than to do things it should is going to be less efficient at doing things generally

True. Consider a botnet-infected computer with no virus protection, versus a clean computer running very strong anti-virus software. The botnet member will be a better performer, in general. If it wasn't--if the botnet program was a noticeable performance hit--people would notice it and find a way to remove it. (I suppose part of the "botnet problem" is the number of people who don't need the performance a modern computer brings; web-and-email on a 5-year-old computer is the equivalent of taking the Veyron to the grocery store. My old Apple ][+ didn't have any cycles to spare. Nor a connection to any other computer faster than SneakerNet...)

And this is true of things that aren't very complex "systems", also. A truck or an airplane that cannot be used as a weapon... probably can't be used as a truck or an airplane. (Also wheelbarrows.)

(though by the time the other system's had patches stuck all over it to plug the security holes and remove the bugs, it'll probably be even less efficient)

And that's also true outside of computing. But for both types of systems; the "designed to not do other things" and the "designed to do things" systems both need patches, because the people who wrote the design weren't omniscient. Original US Constitution: "here are the things the federal government can do, and nothing else". Current body of US law: "[regulations] stuck all over it to plug the security holes and remove the bugs".

Democracy looks like a good system, but it takes time. Dictatorship gets shit done fast. Or, just within the USA, getting {51,60,67} senators (plus representatives, plus President) to agree on something takes time, while one guy writing executive orders (or un-elected bureaucrats in executive agencies writing "regulations" that have the force of law) is much more "efficient".

Back to your first sentence, I'm not sure there's a computing analog to Friedman's quote that "I do not believe that the solution to our problem is simply to elect the right people. The important thing is to establish a political climate of opinion which will make it politically profitable for the wrong people to do the right thing."

Maybe we should try Einstein's apocryphal "make it as simple as possible, but no simpler"...

User avatar
Eternal Density
Posts: 5547
Joined: Thu Oct 02, 2008 12:37 am UTC
Contact:

Re: 1938: "Meltdown and Spectre"

Postby Eternal Density » Mon Jan 08, 2018 7:31 am UTC

ucim wrote:
Pfhorrest wrote:I fail to see what moral dilemmas like the Trolley Problem have to do with speculative execution.
Where's my vitssagen when I need it??

Jose

Translation for those who don't speak OTTer:
Speculative execution is likened to the trolley problem via a terrible pun.
Play the game of Time! castle.chirpingmustard.com Hotdog Vending Supplier But what is this?
In the Marvel vs. DC film-making war, we're all winners.

Kit.
Posts: 1079
Joined: Thu Jun 16, 2011 5:14 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby Kit. » Mon Jan 08, 2018 8:03 am UTC

rmsgrey wrote:A system designed from the start to not do things it shouldn't rather than to do things it should is going to be less efficient at doing things generally

I'd say it's simply impossible. There is no way to guaranteedly protect a system against side-channel attacks not known in advance.

pscottdv
Posts: 61
Joined: Fri Feb 19, 2010 4:32 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby pscottdv » Tue Jan 09, 2018 1:43 pm UTC

The Ben Eater computer https://eater.net/ is immune.

User avatar
ucim
Posts: 6408
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 1938: "Meltdown and Spectre"

Postby ucim » Tue Jan 09, 2018 4:45 pm UTC

Eternal Density wrote:Translation for those who don't speak OTTer:
Speculative execution is likened to the trolley problem via a terrible pun.
Better translation: "I see what you did just there." But yeah, that's what he did just there. :)

Jose
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

SuicideJunkie
Posts: 296
Joined: Sun Feb 22, 2015 2:40 pm UTC

Re: 1938: "Meltdown and Spectre"

Postby SuicideJunkie » Tue Jan 09, 2018 5:07 pm UTC

Calling the Trolley Problem an execution seems a little over the top to me.

User avatar
ucim
Posts: 6408
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 1938: "Meltdown and Spectre"

Postby ucim » Tue Jan 09, 2018 5:59 pm UTC

Yeah. It's just a JMP instruction.

Jose
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

User avatar
Eternal Density
Posts: 5547
Joined: Thu Oct 02, 2008 12:37 am UTC
Contact:

Re: 1938: "Meltdown and Spectre"

Postby Eternal Density » Thu Jan 11, 2018 2:26 am UTC

SuicideJunkie wrote:Calling the Trolley Problem an execution seems a little over the top to me.

Maybe a manslaughter?
Play the game of Time! castle.chirpingmustard.com Hotdog Vending Supplier But what is this?
In the Marvel vs. DC film-making war, we're all winners.


Return to “Individual XKCD Comic Threads”

Who is online

Users browsing this forum: No registered users and 41 guests