
Researchers discover seven new Meltdown and Spectre attacks - Garbage
https://www.zdnet.com/article/researchers-discover-seven-new-meltdown-and-spectre-attacks/
======
travisoneill1
I don't know much about low level stuff, but from what I have read:

\- these issues are inherent in speculative execution

\- speculative execution is critical for performance

\- therefore these issues are really hard to eliminate

\- these attacks can break out of VM's

Are these points correct? Because if they are, it seems like a safe conclusion
that most of the cloud will be compromised.

~~~
ndiscussion
I think you're right on everything but "critical for performance".

Some chips (mostly Intel) have seen pretty big performance drops. But nothing
like 50%+.

Cloud could cost 50% more. We will bear it.

~~~
MaxBarraclough
> Cloud could cost 50% more. We will bear it.

Likely far less impact than this, as much of the cloud isn't CPU-bound, right?

~~~
smitherfield
I think that's his point; cloud is often network-bound, which can be orders of
magnitude more costly.

------
EE84M3i
Direct link to paper:
[https://arxiv.org/abs/1811.05441](https://arxiv.org/abs/1811.05441)

~~~
the_clarence
Mvp

------
sebazzz
Sounds like the only solution would be to enable speculative execution on a
per-process basis. Something like Visual Studio and it's child processes, core
Windows processes and the kernel may fully use branch prediction. "Trusted
processes" so to speak. The Web browser, not so much, so no branch prediction,
no side channel.

Perhaps new cpu instructions?

\- nspex - No SPeculative EXecution from here

\- espex - Enable SPeculative EXecution from here

~~~
jlebar
> Something like Visual Studio and it's child processes, core Windows
> processes and the kernel may fully use branch prediction.

Even that does not work.

If the kernel can do speculative execution and user code can cause the kernel
to do work (that's kind of the kernel's job), then user code can cause the
kernel to leak secret data. This was one of the first set of attacks.

------
lostmsu
Are these already patched?

