by freehunter 3041 days ago
Like DannyBee said, side-channel attacks were well known and security researchers had warned against them since at least 1995. In fact both MacOS's kernel and the Linux kernel had some basic protections from side-channel attacks for years now, which unfortunately don't work if an attacker can dump the entire contents of all physical RAM.

Intel has had a long time to mitigate the issue. They didn't because it made their processors faster, and they chose profits over security.

2 comments

Then kernel devs should be equally to blame. If bugs were known and they still mapped the kernel into userspace.
That supposes Intel knew about the flaw, and instead did nothing - which I think is a big row to hoe.
>https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f653...

Literally since 1995. There's no way Intel hasn't read this report from the NSA detailing how insecure the x86 platform is where they literally call out this exact feature as a security risk. This feature that was not accidental, but intentionally designed.

Why exactly are you blindly defending Intel, especially with such easily disprovable arguments?

It isn't the cache side channel that is the important part of Meltdown. Flush-reload is just how the information is retrieved and an acceptable problem.

The problem is data hitting the cache when it comes from an unreadable page. Meltdown looks like a bug in the cache hit logic because the page information is already in the TLB, and the fix is probably fairly trivial.

If the unreadable page doesn't hit cache or is never mapped there in the first place, Spectre can only read its own process.

Really, the "exact same feature"? None of the processors in that report even support OoOE.
Well buckle your seatbelt, because 32 plaintiffs and counting will be using discovery and god knows what else to prove just that. Intel had better be utterly innocent, or have excellent coverup skills.