Out on a branch, speculating about possible architectural flaws

Subject: General Tech | December 10, 2018 - 12:38 PM |
Tagged: spectre, splitspectre, speculator, security, arm, Intel, amd

The discovery of yet another variant of Spectre vulnerability is not good news for already exhausted security experts or reporters, but there is something new in this story which offers a glimmer of hope.  A collaborative team of researchers from Northeastern University and IBM found this newest design law using an automatic bug finding tool they designed, called Speculator.

They designed the tool to get around the largest hurdle security researchers face, the secrecy of AMD, Intel and ARM who are trying to keep the recipe for their special sauce secret, and rightly so.  Protecting their intellectual properly is paramount to their stockholders and there are arguments about the possible effectiveness of security thorough obscurity in protecting consumers from those with nefarious intent but it does come at a cost for those hunting bugs for good. 

Pop by The Register for details on how Speculator works.

View Full Size

"SplitSpectre is a proof-of-concept built from Speculator, the team's automated CPU bug-discovery tool, which the group plans to release as open-source software."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

December 10, 2018 | 01:26 PM - Posted by nanoflower (not verified)

The "newest design law" that they discovered is that all CPUs will have flaws or is there another "design law" that they discovered?

December 10, 2018 | 01:45 PM - Posted by Jeremy Hellstrom

so, not funny then?

December 11, 2018 | 04:49 AM - Posted by James

“Protecting their intellectual properly is paramount to their stockholders and there are arguments about the possible effectiveness of security thorough obscurity in protecting consumers from those with nefarious intent but it does come at a cost for those hunting bugs for good. “

I thoroughly dependent on security through obscurity. Thoroughly.

December 10, 2018 | 01:53 PM - Posted by ipkh

Ugh. Just stop sharing the damn cache. Simple fix and effective mitigation. There is no valid reason to share the cache and it's simply creating these security holes. The cpu could still speculate but keep separate copies of the cache data if needed. Or not parallel execute threads that need access to the same memory.

January 8, 2019 | 08:05 PM - Posted by JeaSaxofs (not verified)

Cephalexin Generation Cephalosporin Buy Abilify [url=http://levicost.com]levitra 10mg[/url] Prezzi Cialis Viagra Levitra Servicio De Propecia Buy Nexium Capsules Online

January 8, 2019 | 08:07 PM - Posted by JeaSaxofs (not verified)

Cephalexin Generation Cephalosporin Buy Abilify [url=http://levicost.com]levitra 10mg[/url] Prezzi Cialis Viagra Levitra Servicio De Propecia Buy Nexium Capsules Online

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.