|
|
|
|
|
|
by nanolith
809 days ago
|
|
|
At this point, I think that Intel and AMD have designed processors that are hostile toward security and process isolation. The amount of work required by an OS designer to work around the default insecure and leaky behavior of these processors is staggering. Worse, there is always the temptation to optimize performance by turning off these mitigations. Perhaps that's why I enjoy working on microcontrollers and firmware. Yeah, there are potential CPU attacks on these, but it's much easier to manage mitigations, and these mitigations don't come with steep performance penalty trade-offs. |
|
|