The bit on pages 4-5 showing how Spectre-style attacks can happen even on an in-order processor that lacks speculative execution, due to compiler optimizations, was eye-opening. Obvious in retrospect that certain kinds of optimizations that convert explicit conditionals into branchless code are the moral equivalent of speculative execution (because they execute both sides of a conditional), but it hadn’t occurred to me, and I don’t think I’d seen that mentioned elsewhere.
Imagine doing a Freedom of Information request on some large bureaucratic organisation.
It will pull the files they need from store, prepare the answer and at the final step, redact anything sensitive.
Now suppose you create a second FOIA request, there is a tiny leak of information if the information needed to answer the second is in the files needed to answer the first.
So even if the second is blacked out wall-to-wall, if the answer came back “faster-than-usual”, you might guess there was an overlap between source material between your first and second request.
The bit on pages 4-5 showing how Spectre-style attacks can happen even on an in-order processor that lacks speculative execution, due to compiler optimizations, was eye-opening. Obvious in retrospect that certain kinds of optimizations that convert explicit conditionals into branchless code are the moral equivalent of speculative execution (because they execute both sides of a conditional), but it hadn’t occurred to me, and I don’t think I’d seen that mentioned elsewhere.
The fun thing is has nothing to do with hardware.
Imagine doing a Freedom of Information request on some large bureaucratic organisation.
It will pull the files they need from store, prepare the answer and at the final step, redact anything sensitive.
Now suppose you create a second FOIA request, there is a tiny leak of information if the information needed to answer the second is in the files needed to answer the first.
So even if the second is blacked out wall-to-wall, if the answer came back “faster-than-usual”, you might guess there was an overlap between source material between your first and second request.