Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: [ANN][ZEN] Horizen: Bringing Privacy To Life [EX ZenCash]
by
puwaha
on 02/09/2018, 19:25:49 UTC
Quote from: dmwardjr on September 02, 2018, 09:42:52 AM
Quote from: puwaha on September 02, 2018, 05:17:50 AM
Spectre and Meltdown are CPU design flaws having to do with the lack of security in out-of-order instructions.  There is no "chip within a chip".  Any article that would write that... has no fundamental understanding of the problem.  Spectre and Meltdown can affect any CPU with out-of-order instruction processing, unless the OS takes specific measures to prevent it.  That includes Intel, AMD, ARM, and many other smaller players.  So you are saying the NSA infiltrated all of these companies and specifically told the computer scientists who developed out-of-order instruction processing back in the 1990s... for the express reason to "drop in on you?"  That's a long, long game... and that's not what happened.

It was simply a design flaw that was found to be exploitable.

The point I'm making is they KNEW the design flaw was there all along.

It only became a design flaw when it was demonstrated to be exploitable.  Until then, it was a genius way to speed up instruction execution.  Software engineers who work on kernel exec have a responsibility in this too.  They were the ones who recognized a problem in the way they designed kernel security and tried to randomize address space to keep an exploit mitigated.

This is not a problem of subterfuge from the beginning, but of a retrospect understanding that kernels that don't specifically address a lack of security in chip design could be exploited.