Another round of speculative-execution vulnerabilities [LWN.net]

Another round of speculative-execution vulnerabilities

Posted Aug 11, 2023 12:25 UTC (Fri) by tao (subscriber, #17563)
In reply to: Another round of speculative-execution vulnerabilities by excors
Parent article: Another round of speculative-execution vulnerabilities

The difference in timing between a misprediction and a correct prediction will at the very least reveal state as to true/false for the predicted condition. Whether that information is enough or not is a wholly different matter.

to post comments

Another round of speculative-execution vulnerabilities

Posted Aug 11, 2023 14:11 UTC (Fri) by excors (subscriber, #95769) [Link]

I think that can be solved by writing constant-time code when you're dealing with sensitive data, so it's never exposed to the branch predictor side channel, which you should be doing anyway to avoid other timing attacks. The problem with Spectre is that it can't be solved by writing perfectly correct side-channel-free code, because the CPU is not executing the code you wrote, it's executing some arbitrary code that you *didn't* write (when it's speculating past a misprediction), and that unwritten code may expose the data to side channels. Software developers can't take responsibility for code they didn't write, so it becomes a hardware issue.