Is there a logo?
Not interested if not.
Researchers from the University of Rochester have created TimeCache, an approach to system security claimed to protect against side-channel attacks like evict+reload and Spectre, without the usual deleterious impact to performance. 2018 wasn't a great year for chip-makers or their users, with the unveiling of a range of novel …
They got aways with it. We have to fix processor issues in software. We get to see more and more fixes for something that doesn't work as it's supposed to do. As long as they don't get punished, they have no reason for fixing up their hardware.
This plainly sucks! If you give'em a finger they'll end up with the entire arm.
What in the world are you talking about? How is it relevant to this article?
TimeCache is at least partially a hardware remediation; it doesn't "fix processor issues in software".
CPUs are working "as [they're] supposed to". I don't recall anything in any CPU data sheet which said it was free of microarchitectural side channels.
I swear, some people treat microarchitectural side-channel vulnerabilities as an occasion to parade whatever nonsense springs into their heads.
Regarding the actual content of this article: This is a nice practical demonstration of what we already knew, which is that side channels can be masked by whitening. It's good, and probably even feasible, though it's going to cost in terms of power dissipation (so also heat) and chip real estate. It'll be interesting to see what refinements can be made.
It's not a generic fix for every type of microarchitectural side channel, as a non-expert might infer from some generalizations in the article. It's specifically a fix for cache timing side channels. That's certainly useful, because there are a variety of cache timing side channels and many ways of extracting those signals; but microarchitectural side channels are a broader class. (With smartphones, for example, you have the potential for an unprivileged application with radio access picking up CPU RFI side-channel signals from another core.)
Caches were introduced due to the HUGE discrepancy between D-RAM (capacitors) and S-RAM (transistors). The CPUs can do several thousand “rounds” (instructions) while waiting for a single memory access.
The way caches are being handled slightly defeats the purpose of the MMU, at least when it comes to security relevant accesses.
In simple terms: The cache is being shared. Therefore, you can deduce things from timing (cache attacks). The (supposed) separation has been partially lifted due to the caching. This was never really thought through.
Biting the hand that feeds IT © 1998–2021