
What Spectre Means for Lanugage Implementers [video] - cmeiklejohn
https://www.youtube.com/watch?v=FGX-KD5Nh2g
======
bakery2k
> Conclusion:

> * Programming language implementations _cannot establish confidentiality_ on
> today's hardware

> * Don't run untrusted code in the same process with secrets it could steal

I understand that because of this, browsers are moving towards running
untrusted JavaScript code in separate processes, so that confidentiality is
provided by process boundaries.

Does anyone know whether other applications that embed scripting languages and
run untrusted code (e.g. games that embed Lua[JIT]) are also moving towards a
multi-process architecture?

~~~
saagarjha
Doesn't Spectre work across process boundaries?

~~~
nsajko
I think you mean Meltdown.

https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)

~~~
saagarjha
No. Meltdown allows for reading kernel memory, subverting traditional memory
isolation techniques. Spectre abuses speculative execution to perform
side-channel attacks to leak information in general, including across process
boundaries.

------
gpderetta
Only tangentially related: what does Spectre mean for single address space
OSs (Midori, Singularity)?

~~~
titzer
It's game over for them, until hardware offers mechanisms to close these side
channels.

------
hak8or
That's a very weird typo for language. Usually we can tell what word was meant
if some letters are missing from what I understand, but for some reason this
one was surprisingly bad.

~~~
asveikau
I felt there was enough context to parse correctly because:

- Spectre is a well known vulnerability in speculative execution

- I know that speculative execution bugs had compiler workarounds involving
how you do your jumps (retpoline etc.)

- "language implementer" is a common synonym or overlapping term with
"compiler author"

~~~
cmeiklejohn
oh, very clever

~~~
cmeiklejohn
wait, we're making a joke about "lanugage" being a result of out-of-order
execution, right?

