[Info-vax] Intel x86-64 Processor Design Security Vulnerability?

[johnwallace4 at yahoo.co.uk]

On Thursday, 4 January 2018 14:33:26 UTC, Craig A. Berry  wrote:
> On 1/4/18 6:38 AM, Neil Rieck wrote:
> 
> > I noticed that the security exploit only exists in some products from Intel and ARM but no products from AMD.
> 
> There are reports that say any processor that does out-of-order
> execution is vulnerable and there are reports that say AMD is not
> vulnerable. I would wait until more research is done before depending on
> the latter.

The document I looked at on the ARM website seem to 
suggest that the critical factor in their situation 
is whether the (un)protected data is kept in an 
address space marked as cacheable. 

Anyone who's done low level stuff like understanding 
SMP/multi-core system synchronisation will understand 
this concept. Even anyone who's written device
interfaces where data can change asynchronously.

Extending this to speculative/OoO execution does require
a level of understanding which appears to be beyond the
capabilities of some of the architects/designers/testers
in this rather sad picture.

Of course the basic conclusion here is that complexity
is fundamentally bad but often looks shiny, and shiny 
is what sells to the volume market - and until the vendor 
of the defective product has to pay the full price of
fouling up ("product liability" legislation exists in 
many countries, right?), it'll mostly stay that way.

I'd speculate (hoho) that the core (hoho) issue (hoho) 
doesn't need much more substantial research, but it 
does need a lot better documentation. Maybe it exists - 
I've only had a very quick look. Pointers (hoho) welcome.