[xigency]

What about users who only execute trusted code?

All of these attacks assume you are running something you don't trust on your CPU, whether it is another user's program, a non-root executable, or a JavaScript program from a website.

When do we stop hacking processors, kernels, and compilers and revisit our assumptions of what we can and can't do securely.

[pjc50]

Define "trusted"? Who do you trust to do your verification, and how much does it cost?

[xigency]

Well, critical applications, like flight systems, run on a different ecosystem and are verified. (And it costs a lot.)

But my usecase might be a physical computer that isn't networked which does data science with some programs and prints out results.

These patches are focused at Amazon and cloud providers that are in the business of running separate individual's applications on the same machine.

In the consumer world, the slope would be browser scripts and user applications that aren't running as super. But even then, do you download and run software that you expect might steal information or damage your computer?

These are fundamental security questions. Creating rings and sandboxes are what create the assumptions of privacy and security.

[dingo_bat]

Oops I basically wrote an identical reply before reading yours.