New Intel processor vulnerability

Surprised ?

These things are going to keep cropping up until its realised that you cannot make them safe as long as any kind of cache (widely defined) filled in one security context is used in another security context. They'll either have to do a complete flush when changing security contexts, including from supervisor to user, or have a separate cache per context. In practice a combination of the two would likely be needed.

Consumer level gear could probably manage with just three caches (supervisor, user, and sandbox) without getting too bogged down. Cloud servers would need rather mode.

An alternative might, in some situations, be to deprive user code of the timing resources it needs to exploit this kind of vulnerability, but people have a habit of finding ways round such restrictions.

Sylvia.

On a sunny day (Tue, 14 May 2019 15:00:41 -0700) it happened boB wrote in :

Yes, though they would have fixed their stuff by now.

On a sunny day (Wed, 15 May 2019 13:45:08 +1000) it happened Sylvia Else wrote in :

Yes that is logical, and I am sure somebody over at Intel knows that. But there is the need for more speed and maybe input from Big Brother to keep things that way so they can check on what people are doing.

Bit less bloatware would not require so much processor power.

Jan Panteltje wrote in news:qbf4gt$1ab$ snipped-for-privacy@dont-email.me:

I think this week's round of updates included an Intel microcode update. It was likelt to address this addressing issue. :-)

It has hit every machine I have, and I even saw Linux updates yesterday that included Intel package updates.

Sylvia Else wrote in news: snipped-for-privacy@mid.individual.net:

executio

So does Intel, and I am sure they will end up prevailing again.

You will not see me jumping onto the AMD bandwagon any time soon.

My xeon and quadro do 3D CAD just fine.

Anyone stop to think that AMD might be hunting for these 'vulnerabilities'? If someone hunted, they could likely find one in an AMD CPU as well.

It is like the virus on windows but no linux thing.

IF Linux were more popular, it would have more time spent on invading it. Yes, I know it is inherently a more secure OS. That is not my point... or maybe it is exactly my point.

I am staying with Intel and their decades of experience.

Write to Trump. I bet he will support a wall to keep out bloatware.

Well, after all it IS Intel.

They have been known to know about bugs and not say anything until someone called them on it.... At least in the 1970s and 1980s. Maybe this is the same kind of thing ? I would hope they would have gotten better at that kind of thing. Intel doesn't hand out documentation anymore like they used to soI'm sure it's just their big users that worry about that stuff nowadays and most likely under some NDAs on these types of holes so peons like me won't know about it until it's made public.

"peon" = = peed on