Secure Speculative Execution
We’re starting to see research into designing speculative execution systems that avoid Spectre- and Meltdown-like security problems. Here’s one.
I don’t know if this particular design is secure. My guess is that we’re going to see several iterations of design and attack before we settle on something that works. But it’s good to see the research results emerge.
News article.
Who? • June 25, 2018 12:26 PM
The only secure design is one that fully avoids speculative exection. Right now there are clearly two users groups:
The first group either depises security (gamers) or run huge computing clusters in which compartimentation is not critical (each computing node has a single user and does not run multiple jobs concurrently). The second group, the security conscious users, deserve a secure —even if slow for current standards— architecture.
Sorry, I do not believe in turning an unsecure design into a secure one by patching; security is an integral part of a design.