OSDev.org

That Intel-specific bug and now these cross-platform two... I just have no words.

https://meltdownattack.com
https://googleprojectzero.blogspot.com/ ... -side.html

In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it.

Roman wrote:That Intel-specific bug and now these cross-platform two... I just have no words.

https://meltdownattack.com
https://googleprojectzero.blogspot.com/ ... -side.html

In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it.

Wouldn't it be enough to invalidate the entire cache every time we switch/enter/exit/terminate/create a process or thread? Or just disabling the CPU cache entirely for security-critical machines?

It seems to me that the intention is just having a cache that is separated for each process (instead of the existing one which is global to the CPU/computer) so there is no possibility to read leftover cached data between arbitrary processes.

Try that in your OS and see what happens. I'd expect a massive performance hit.

It's a hot topic, but please try to keep it together.

http://forum.osdev.org/viewtopic.php?f= ... ff#p281534

since this one is in ramblings, may be can be reserved for non-technical, political aspect of it.
The whole things looks like some publicity stunt.