New Spectre/Meltdown Variants
Researchers have discovered new variants of Spectre and Meltdown. The software mitigations for Spectre and Meltdown seem to block these variants, although the eventual CPU fixes will have to be expanded to account for these new attacks.
Who? • February 21, 2018 7:01 AM
As said some days ago, I am testing Spectre/Meltdown fixes on a Linux workstation. This computer is running Ubuntu 16.04 LTS, fully patched, and has a Kaby Lake processor with microcode revision 84h (released two days ago).
Spectre and Meltdown checker (https://github.com/speed47/spectre-meltdown-checker/) believes it is secure (Spectre variant 1 by means of the Red Hat/Ubuntu patch, Spectre variant 2 by means of IBRS/IBPB and Meltdown by means of page table isolation).
Something must be very wrong; one of the Meltdown/Spectre PoCs is still successful on it.
Hardware manufacturers should understand there is a market for security, even to end users. They should release non-overpriced slow but “secure” processors to these customers.
By the way, I doubt there will be Spectre/Meltdown-proof processors in less than five years. That is the time a new microarchitecture needs to reach the market after its initial design. I would not trust a “hardened” processor released in the coming months.