Path: ...!3.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Michael S <already5chosen@yahoo.com>
Newsgroups: comp.arch
Subject: Re: Another security vulnerability
Date: Mon, 25 Mar 2024 13:27:32 +0200
Organization: A noiseless patient Spider
Lines: 26
Message-ID: <20240325142732.00007d78@yahoo.com>
References: <utpoi2$b6to$1@dont-email.me>
	<utr63b$u40q$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Date: Mon, 25 Mar 2024 12:27:41 +0100
Injection-Info: dont-email.me; posting-host="ff58747de83365f3f96c18f69047f6c9";
	logging-data="1090455"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1977Q82lBhDwpsMEaGi8cd1oc/GpZ8ZY9E="
Cancel-Lock: sha1:FhTvG/X6VYCrru0GC7FRxNf/nfk=
X-Newsreader: Claws Mail 3.19.1 (GTK+ 2.24.33; x86_64-w64-mingw32)
Bytes: 1987

On Mon, 25 Mar 2024 06:37:31 -0000 (UTC)
Thomas Koenig <tkoenig@netcologne.de> wrote:

> Stephen Fuld <sfuld@alumni.cmu.edu.invalid> schrieb:
> > https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/
> >  
> 
> It's Groundhog Day, all over again!
> 
> > So, is there a way to fix this while maintaining the feature's 
> > performance advantage?  
> 
> From what is written in the article, nothing is currently known.
> 
> For new silicon, people could finally implement Mitch's suggestion
> of not committing speculative state before the instruction retires.
> (It would be interesting to see how much area and power this
> would cost with the hundreds of instructions in flight with
> modern micro-architectures).
> 
> For existing silicon - run crypto on efficiency cores, or just
> make sure not to run untrusted code on your machine :-(

I would trust your second solution better than the first one.