Estimated time to fix: 3 years
Yes, my knowledge here is a bit out of date. However, standard processor release times in during the decade surrounding 2000 were a bit more than 2 years. Less if the design did not represent any great architectural changes, more if it did. (STI Cell did, for instance. IBM G5 did not.) This represents a complete change in focus of the architecture. I would not be surprised if the design work proper has not even started as the big boys are probably petrified about the idea of missing something that their competition does not, and so are red-teaming design concepts like mad. (The hardware-only solution would be to systematically make execution times data independent, but in my experience, they lack the imagination & patience to proceed in that fashion.)
I think it is also going interesting to see what responsibilities are going to fall to the OS. One could, for example, add a "flush everything" command, and require that the OS invoke it on any context switch to untrusted code. This extreme would of course kill performance, but it would allow a single chip design for multi- and single-tenet systems. I mention it to demonstrate that security does not have to be entirely in hardware. For performance reasons, it cannot be. We already have things like separated data and instruction caches & we require the OS to keep them valid.
Biting the hand that feeds IT
