1. 23
  1.  

  2. 10

    Some additional info here: https://mdsattacks.com/#ridl-ng

    In reality, this is no new vulnerability. We disclosed TAA (and other issues) as part of our original RIDL submission to Intel in Sep 2018. Unfortunately, the Intel PSIRT team missed our submitted proof-of-concept exploits (PoCs), and as a result, the original MDS mitigations released in May 2019 only partially addressed RIDL.

    Oof.

    We are particularly worried about Intel’s mitigation plan being PoC-oriented with a complete lack of security engineering and underlying root cause analysis, with minor variations in PoCs leading to new embargoes, and these “new” vulnerabilities remaining unfixed for lengthy periods.

    Double oof.

    Might be time to get an AMD system sooner than I was planning. Hoping apple does an arm laptop or something sooner rather than later too.

    1. 2

      I’m not sure if ARM or AMD would be better, really.

      If I was looking at a root cause, it would be it’s hard for software developers to detect when speculation happens. All of these systems try to do speculation invisibly, which means that when it goes wrong, it’s invisible.

      A more proper fix would be an exposed-pipeline system like The Mill CPU (yes, I know it’s vaporware, but shipped-for-real exposed pipeline systems already exist, it’s just that they aren’t being used in server or desktop workloads). You can detect when speculated loads are performed by inspecting the compiled machine code, and since the ultimate choice of when speculative memory loads is entirely in software, bug fixes are just software updates.

      1. 5

        AMD has not implemented TSX while Intel has. TSX (Hardware Transactional Memory) is incredibly hard to get right - these vulnerabilities are the result of implementing it in hardware prematurely.

        So technically AMD/ARM have it better by virtue of not releasing buggy implementations for the past three years that have to be disabled by Intel.