
The Intel 80x86 Process Architecture: Pitfalls for Secure Systems (1995) [pdf] - ColinWright
https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f6536c91aaf7756857.pdf
======
tptacek
This hit Twitter today because a short section towards the end mentions a
prefetch bug. But that bug is from 1992, and concerned instruction prefetch.
It predates not only out-of-order execution and speculative execution
(introduced in the P6 microarchitecture) but superscalar x86 altogether
(introduced in the P5).

There is an interesting history to covert channel analysis and modern side
channels. It wasn't until the late 1990s (as far as I can tell) that anyone
made the leap from covert channels --- which have cooperating agents on either
end of the channel --- to side channels, in which the transmitter is
unwitting.

It's possible that there's other interesting side channel stuff lurking in
covert channel analyses. But I think the research link there is also pretty
well known.

At any rate, what this analysis primarily concerns itself with is the
suitability of x86 for multiuser multi-level security (MLS), in which you have
differing levels of classification and absolute barriers to sharing
information between those levels. In that setting, a covert channel is a
serious problem (it allows you to bypass the MLS barrier). But in modern
industry computing we've largely moved away from the concept. You can think of
this paper as referring to a different concept of "security" than the one we
think about.
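
The MLS setting and the covert-channel distinction the comment above draws can be made concrete in a small simulation. The following is an added example, not code from the paper or from any commenter: a toy Bell-LaPadula reference monitor (no read up, no write down) blocks every direct transfer between a SECRET and an UNCLASSIFIED subject, yet two cooperating processes still move bits across the barrier by modulating an unlabeled system-wide resource pool (a classic resource-exhaustion storage channel). Partitioning that pool per level removes the shared state and closes the channel. All class and subject names (`ReferenceMonitor`, `SharedQuota`, `PartitionedQuota`, the level names) are hypothetical, constructed for this illustration.

```python
"""Toy MLS reference monitor plus a covert storage channel through an
unlabeled shared resource, and the partitioning that closes it.
Constructed illustration; names and levels are hypothetical."""
from dataclasses import dataclass

# Linear lattice of classification levels (constructed).
LEVELS = {"UNCLASSIFIED": 0, "SECRET": 1, "TOP_SECRET": 2}


class AccessDenied(Exception):
    pass


@dataclass
class Subject:
    name: str
    level: str


@dataclass
class LabeledObject:
    name: str
    level: str
    data: str = ""


class ReferenceMonitor:
    """Mediates every read/write on labeled objects (Bell-LaPadula rules)."""

    def __init__(self):
        self.audit = []  # denied accesses, as a detection hook

    def read(self, s: Subject, o: LabeledObject) -> str:
        # Simple security property: no read up.
        if LEVELS[s.level] < LEVELS[o.level]:
            self.audit.append(f"DENY read {s.name}({s.level}) <- {o.name}({o.level})")
            raise AccessDenied("no read up")
        return o.data

    def write(self, s: Subject, o: LabeledObject, data: str) -> None:
        # *-property: no write down.
        if LEVELS[s.level] > LEVELS[o.level]:
            self.audit.append(f"DENY write {s.name}({s.level}) -> {o.name}({o.level})")
            raise AccessDenied("no write down")
        o.data = data


class SharedQuota:
    """An unlabeled resource pool: any subject may allocate from it, and any
    subject can observe whether it is exhausted. The monitor never sees it."""

    def __init__(self, slots: int):
        self.slots = slots
        self.held = {}  # subject name -> slots held

    def allocate(self, s: Subject, n: int) -> bool:
        if n > self.slots - sum(self.held.values()):
            return False
        self.held[s.name] = self.held.get(s.name, 0) + n
        return True

    def release(self, s: Subject) -> None:
        self.held.pop(s.name, None)

    def exhausted(self) -> bool:
        return sum(self.held.values()) >= self.slots


def direct_leak_is_blocked(monitor, high, low, secret_doc, public_doc) -> bool:
    """Both obvious paths (high writes down, low reads up) are denied."""
    blocked = 0
    for action in (lambda: monitor.write(high, public_doc, secret_doc.data),
                   lambda: monitor.read(low, secret_doc)):
        try:
            action()
        except AccessDenied:
            blocked += 1
    return blocked == 2


def covert_channel_transfer(sender_pool, receiver_pool, high, bits: str) -> str:
    """Cooperating sender and receiver (the defining trait of a covert channel):
    per bit, HIGH fills the pool it can reach (1) or leaves it alone (0);
    LOW decodes by observing exhaustion of the pool it can reach.
    When both pools are the same object, the bits cross the MLS barrier."""
    received = []
    for bit in bits:
        if bit == "1":
            sender_pool.allocate(high, sender_pool.slots)
        received.append("1" if receiver_pool.exhausted() else "0")
        sender_pool.release(high)  # reset for the next bit
    return "".join(received)


class PartitionedQuota:
    """Mitigation: one pool per level, so one level's consumption is not
    observable from another level."""

    def __init__(self, slots_per_level: int):
        self.pools = {lvl: SharedQuota(slots_per_level) for lvl in LEVELS}

    def for_level(self, s: Subject) -> SharedQuota:
        return self.pools[s.level]
```

With a single `SharedQuota` passed as both sender and receiver pool, `covert_channel_transfer` returns the transmitted bit string unchanged and the monitor's audit log stays empty, which is the paper's point: the access-control barrier is intact and still bypassed. With `PartitionedQuota`, the receiver's pool never changes and it reads all zeros. The `audit` list shows why covert channels are hard to detect by the reference monitor alone: the channel is made entirely of accesses the monitor permits or never mediates, so detection has to come from labeling or partitioning shared resources, or from watching the resource itself.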

~~~
userbinator
_But in modern industry computing we've largely moved away from the concept._

Except in cloud computing, where multiple and mutually untrusted users are
sharing the same hardware... and that's where the side channels are of the most
concern. If Meltdown/Spectre had been discovered 10 or 15 years ago, when cloud
computing hadn't quite grown to what it is today, they would probably have
received much less attention.

~~~
tptacek
I'm not saying we've moved away from multiuser computing, just MLS.

------
magoghm
From the PDF:

Unfortunately, this hardware cannot safely be dismissed as "simple" or not in
need of in-depth analysis. A relatively simple interface can hide vast
implementation complexities and the 80x86 interface is far from simple. For
example, the Pentium contains approximately 3.1 million transistors. Its
instruction processing and pipeline architecture are extremely complex.

Now we have billions of transistors in a single chip.

~~~
erikj
A lot of those new transistors are caches and memory/IO controllers that were
previously off-chip.

