Re: So what happened to "Intel Sucks!!! Apple's M1 FTW!!!"
> This exploit doesn't obviously offer anything that can't already be accomplished better using the methods normally available to userland processes.
Can (hypothetical) userland pid_t 1538 read from some other (hypothetical) userland pid_t 7996's address space?
I'll answer that for you: no it can't and it shouldn't. That's what privilege separation enforces.
What M1's vulnerability does is: it tosses away this separation. Why don't you read the description of the vulnerability in the article, again:
"A malicious pair of cooperating processes may build a robust channel out of this two-bit state, by using a clock-and-data protocol (e.g. one side writes 1x to send data, the other side writes 00 to request the next bit)," explains Hector Martin, founder and project lead of Asahi Linux, in his vulnerability disclosure. "This allows the processes to exchange an arbitrary amount of data, bound only by CPU overhead."
Is this so difficult to understand?
Separate and disjoint processes that should normally share nothing can now read each other's data.
That is exactly what Spectre was all about - albeit by a less idiotic mechanism - and everyone freaked out about Spectre. But hey, when Apple does a much bigger idiocy of the same category, it's cool. No problem, nothing to see, move along, everything's fine.
> Hey, that was you.
No that wasn't me. That was the ThomH fanboi: But nothing about this vulnerability makes Intel look good. Especially not in a world with AMD.
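The clock-and-data protocol quoted from the disclosure in the post above, as an added simulation that is not part of the original post or of the disclosure's code. It models the two cooperating endpoints as coroutines sharing an ordinary Python object; `TwoBitRegister`, `sender`, `receiver` and `transfer` are hypothetical names, and no hardware register is touched.

```python
import random

class TwoBitRegister:
    """Stand-in for the shared two-bit state: bit 1 = clock, bit 0 = data."""
    def __init__(self):
        self.value = 0b00
    def write(self, v):
        self.value = v & 0b11          # only two bits exist
    def read(self):
        return self.value

def sender(reg, data):
    """Writes '1x' for each bit, MSB first; yields once per scheduling step."""
    for byte in data:
        for i in range(7, -1, -1):
            while reg.read() & 0b10:   # previous bit not yet consumed
                yield
            reg.write(0b10 | ((byte >> i) & 1))
            yield

def receiver(reg, nbytes, out):
    """Waits for the clock bit, samples the data bit, writes 00 to ask for more."""
    for _ in range(nbytes):
        byte = 0
        for _ in range(8):
            while not reg.read() & 0b10:   # nothing new written yet
                yield
            byte = (byte << 1) | (reg.read() & 1)
            reg.write(0b00)
            yield
        out.append(byte)

def transfer(data, seed=0):
    """Run both endpoints under a random (seeded) scheduler; return (bytes, steps)."""
    reg, out = TwoBitRegister(), bytearray()
    tasks = [sender(reg, data), receiver(reg, len(data), out)]
    rng, steps = random.Random(seed), 0
    while tasks:
        task = rng.choice(tasks)       # arbitrary interleaving of the two sides
        try:
            next(task)
        except StopIteration:
            tasks.remove(task)
        steps += 1
    return bytes(out), steps

if __name__ == "__main__":
    msg = b"constructed sample"        # constructed input for the demo
    got, steps = transfer(msg, seed=42)
    print(got, "in", steps, "scheduler steps")
```

The handshake makes the transfer independent of how the two sides are scheduled, and the step count grows with the message length, which is the "bound only by CPU overhead" part of the quote.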