by switch007 812 days ago
Google, in 2021 [0]:

> While the PoC demonstrates the JavaScript Spectre attack against Chrome 88's V8 JavaScript engine on an Intel Core i7-6500U 'Skylake' CPU on Linux, Google notes it can easily be tweaked for other CPUs... It was even successful on Apple's M1 Arm CPU...

And Augury [1] in 2022 also affected Apple's A14 and M1 chips.

So have Apple been attempting to mitigate and failing, or ignoring the issue?

Surely chip manufacturers can't keep ignoring these fundamental flaws.

[0] https://security.googleblog.com/2021/03/a-spectre-proof-of-c...

[1] https://www.prefetchers.info/

1 comment

Some of the authors of this paper worked on Augury, too, but note that this is a different angle than Spectre: that was speculative execution (running instructions before knowing which way a branch would evaluate) and this is data prefetching.

The reason this keeps coming up is that it isn’t a single issue but a class of attacks exploiting performance features, and attackers are getting more sophisticated as smart people figure out new techniques. Chip designers have been adjusting but are trying not to throw out the last couple decades of performance improvements, too.