What do you guys think the long term effects of Meltdown and Spectre is going to be?
Obviously Intel is going to overhaul their architecture and redesign for the next release, but there's still millions of vulnerable processors out there, and they'll probably continue to be used for another 3-5 years.
Are these performance killing workarounds going to be a permanent addition, or do you think they'll be dropped in a few years and every current Intel processor declared unsupported?
>What do you guys think the long term effects of Meltdown and Spectre is going to be?
The acceptance of our hardware being compromised for "national security". Nobody really cares. Like we don't care our locked front door can be bypassed by breaking the window next to it.
Well that's a load of bollocks.
So what do you think? You think anything will change because of all this? I don't think so. everything stays the same and we get used to it.
that's bullshit, this has nothing to do with national security, quite the opposite. the idea that the government needs a backdoor to stop crime is fine - and those backdoors work. this isn't a backdoor, it's literally just a fundamental flaw with how the chip handles syscalls. it's fucking 'oops'.
>the government needs a backdoor to stop crime is fine
How can you fight crime with something that enables even more crime?
All backdoors are fundamental flaws.
True security has no backdoors by nature.
Long term effects? None, depending on how long term you're talking here. Short term is where the fun is at, though.
People are actually believing this kind of exploit can be locked down on the software-side of things. Right now, when users are the most aware of this issue, there are few, if any, bad actors actually using these exploits. So people are all up in arms without any actual threat to point at.
By painting these "OS fixes" as some sort of permanent solution, they're putting users far too at ease, and in doing so, they're giving bad actors plenty time and cover to develop their own exploits of these hardware flaws, which will then only need to be wrapped in code that bypasses these OS fixes - which I'm having a hard time believing anyone thinks cannot be done. Soon enough you'll have Meltdown and Spectre exploits destroying companies and individual users, left and right, and nobody will be expecting it because "muh OS fixes".
I hope that, in the end, we'll at the very least get some decent amateur nudes dumps out of it. Please, god, let some hacker group be all like "gots to save dem titties for posterity".
>Long term effects? None
How will there not be any long term affects? For spectre at least, obfuscating the branching of code so that your CPU cannot speculatively execute code is not a valid long term solution if it impacts performance. Either speculative evaluation gets killed or CPU designers are going to find some way to make the registers no susceptible to side channel attacks.
>How will there not be any long term affects?
Humans are extinct if you wait long enough.
Using less of a hyperbole, the future of technology is of course hard to predict but that it will be vastly different then today is pretty obvious. Different technology means different problems and problems of the past don't exist anymore.
Fuck off with the bullshit, if I wanted a nihilist discussion I would have just smelled my own farts.
Than stop using arbitrary values like "long term".
NOT LIKE THIS
I wonder how fast someone would die walking inside that room with all these servers underwater and shorting out.
>the idea that the government needs a backdoor to stop crime is fine
jesus the NSA shills are getting so obvious lately
Doesn't happen.
That water will just trip the breaker. Even if it did current will flow between live conductors but someone standing next to it won't really be affected. There will be no significant potential across different parts of your body so no significant current will flow.
>Even if it did
*Even if it didn't, sry
>3-5 years
Nigga, when the WannaCry exploded it was noted that a shit ton of devices were still running Windows XP - including ATM machines and hospitals. Do you really think that people will change their "whole" computer because of an exploit that they don't even understand what is? This will last at least 10 years.
There will be no real long term effects, let's face it, it's just a nice bit of drama to get excited about. It's fixable in software and has been fixed already, it'll be deployed pretty fast because most of the machines still running using intel CPUs are running OS's that auto update, in most cases quite aggressively.
The performance impact for users is nominal, the only time any noticeable difference will be observed is with workloads which already run at or near 100% CPU usage. In almost all cases where CPU usage is that high it's because the CPU is doing a lot of raw number crunching, and the nature of the slowdown is when making syscalls and switching between userland and kernaland virtual memory.
As we've seen most of the impact will come from things like servers. Most non-virtualized servers wont need upgrading because most don't run at 100% or anywhere close.
Cloud is probably the worst affected, my suspicion is that once the virtualization is patched and serious security concerns have gone away, that maybe we'll see a very negligible bump in cloud prices, maybe AWS EC2 prices will go up a few pence, basically not a big deal.
>Fixable
This isn't a fix, this is a workaround.
This is like your spare tire blew out so you're having everyone lean to the far side of the missing tire.
I think it depends on how aggressive Intel is going to be with their redesign / i.e. if they have some razor sharp dude that can think around this.
How tied are Intel's transnational memory extensions tied into their current speculative pipeline? How useful are these extensions anyway?
How easy would it be for them to revert to a simpler speculative design like AMD has? Did AMD do their design in the way they did because they foresaw this problem? What would performance look like if they changed their speculative pipeline to look more like AMD's? Is AMD really as immune as they think to this class of problem?
Could you create a non-speculative execution mode for untrusted code? Would anybody want to use it because it might be too slow?
How good are the current mitigations going to be? (patches to LLVM and gcc are already floating around for one of the problems)
Is there a way to make the separated page tables fast on x86?
What new and related exploits can be found and exploited?
To me this seems like a research problem, but the answer is needed now. So the future depends on how clever people can be about both exploiting and solving the problem.
>simpler speculative design like AMD has
You mean the one that uses a neural net to predict the next instruction?
Semantics. The security issue is gone, it's due to a software change rather than a hardware one, but fundamentally removes the known security risk.
What we're left with is performance impact, does that matter? Well I covered that, for most people, no.
my next CPU will not be from Intel, that’s all I know
this, also i will not buy a cpu until new generation comes out
>Obviously Intel is going to overhaul their architecture
Oh my sweet and innocent user...
This damn flaw can be traced all the way back to RISC in the fucking 60s. If they haven't fixed it by now, they never will.
This, probably rowhammer isn't fixed at all.
>What do you guys think the long term effects of Meltdown and Spectre is going to be?
They'll provide more fuel for the media's Russian scare insanity.
Is it safe to say this is the biggest exploit of all time?
>he idea that the government needs a backdoor to stop crime is fine
lmao the absolute STATE of this board
Do processors with the fix need the same amount of power than before? If it doesn't increase the energetic cost, I don't think it will be that bad.
>Please, god, let some hacker group be all like "gots to save dem titties for posterity".
Yes please