Google Says Spectre And Meltdown Are Too Difficult To Fix [With Software]

>tfw shitty old atom N270 netbook is immune to speculative execution attacks because it uses in-order execution

Meltdown is a retarded sidechannel resulting from allowing speculative execution to survive transitions between privilege modes. That shit should be very well within Intel's capacity to fix.

Spectre is drastically harder to address, since it is basically just the idea that architecturally invisible state (branch table entries, cache contents, etc.) can be inferred through timing attacks, and keeping all this state from leaking info at all within an execution context would basically mean intentionally going slow all the time.
The biggest target of Spectre is JIT-ted code from multiple domains in one process, which is best addressed with software security models. Protecting virtualized hosts could probably be addressed with flushing everything below L2 on each VPS transition.

Replacing Intel with another vendor that has IP patents will achieve nothing in the long term.

Only open architectures like OpenRISC & RISC-V provide glimpses of hope, and I say glimpses because manufacturing high-performance chips requires *serious* cash, and as customers we'll have to really on fortune100 corporations.

>Mips
Then maybe my undergrad class on microprocessor architecture will have some practical utility

Do any of those actually have somewhat of a standard architecture?
Just getting rid of a CPU arch is only part of the equation

yet another win for POWER-9

>using a VPS
kek

>It seems we have to live with the simple fact that all of our machines are susceptible to this sort of attack
nope
Rock64 quad core A53 is immune
It doesn't do speculative execution
therefore no spec ex bugs

>OpenRISC
It's GPL, so probably better than
>MEME-V
because MEME-V is a wild west

also, open source firmware
no ME/PSP
mainline kernel
why aren't you already using Rockchip master race CPU?

Heaven forbid we learn something from this entire ordeal.

x86 was a mistake

More like it's immune because it's too damn slow to actually use, and even if speculative execution was used, you could maybe leak 1 bit per 2 seconds due to the massive overhead needed to actually exploit these vulns

enjoy your proprietary first stage boot rom

Someone correct me if I'm wrong, but isnt AMD immune to all but 1 of these vulnerabilities, and that said vulnerability has already been patched with minimal loss of performance?

You are a mistake, name 1 arch that is as backward compatible.

not everyone places opensource firmware as a main priority for a computing device
I'm sure you can forgive people for not wanting to use an under-powered ARM SoC

Hopefully undergrad shitters move on to risc-v. Also I'm sick as hell of undergrad retards trying to tell me that RISC assembly is good. Writing MIPS asm is god damn painful compared to x86 or arm32

What do you mean by architecture? Arm64 is backwards compatible in the same way as amd64-- the spec just calls for a compatibility mode even though the bytecode, register, and address sizes are different

Zen 2 is being tweaked to have architectural mitigations against both. I imagine Intel are doing the same for their next release.

x86 and x86-64 however, are at this point, an old worn out tire that's been stitched back together with new tread (being instruction sets) stuck on, for the last 41 years. Seriously. It's an architecture from 1978.

"If it's not broke don't fix it..." Someone needs to tell AMD and Intel and every other company knocking out x86 and x86-64 that shit's fucked.

nope
Show me the proprietary part
Here's the source code
github.com/rockchip-linux/arm-trusted-firmware
I'll wait

Tbh I can't into assembly beyond trivial stuff. I was just taking a peak outside of my comfort zone and it backfired.
Would you happen to have nice resources on x86 or arm32? The kind of stuff that gently takes you by the hand and walks you to being able to be productive for toy hobby projects?

>Someone needs to tell AMD and Intel and every other company knocking out x86 and x86-64 that shit's fucked.
If something can be fixed it will be fixed and if it takes new silicon so be it
Intel, AMD and others have too much money invested at this point to just give up
You might've had a point if x86 was in some sort of antiquated state and was already well on it's way on being phased out but that's not happening and if it was happening it's not going to be overnight

Power9 is happening.

Not with Eypc around

>not with broken as shit x86-64 around.

Just goes to show the state of the alternatives when people are still choosing "broken" x86-64 over them

wiki.osdev.org/ARM_TargetingMultipleDevices#Three_Major_Problems

Should have been clearer, wasn't talking about the instruction set. Arm works fine on phones and routers where you expect to support a device for at most 1 year but you just can't have this kind of shit on desktops especially for free OSs.

I can understand that
but the concept that you have to just give up glows in the dark

yeah but can i browse 4chen on it

The ROM is proprietary as are all the blue binaries.
github.com/rockchip-linux/rkbin
enjoy your botnet

Attached: 1543135000383.jpg (894x1000, 134K)

>Use my eee pc from 2008
>1st gen atom without OOOE
FEELS GOOD :--DDDDDDDDDDDD

The main reason why people are “choosing” x86 is compatibility. Debian and Fedora are already almost done with porting all their stuff over to RISC-V, and they already support other archs. In other words, all of the libre stuff is fully functional. It’s the proprietary software that holds these platforms back.
Just look at POWER9. It’s competitive with Xeons and Epyc, and theoretically people could just switch to it, but they won’t because no nonfree software that people sadly still have to use works on it.

Is Power9 at all price competitive with Eypc or even Xeon? because not many give a flying fuck about having some libre system if the shit is price prohibitive

Power9 chips from IBM are already used in the server space and are priced similarly to Xeons. The Power LC922 is around $3000 for 22 cores at 2.6GHz.

>blue binaries
>proprietary
>bl31.bin
Oh, you mean this bl31?
github.com/rockchip-linux/arm-trusted-firmware/tree/master/bl31
the firmware is open source, and no blobs are needed to run the chip
You can show me blobs, but you can't dispute this fact
Qualcomm shit is blobbed
RPIs are blobbed
Rockchip is not
Here's someone who says explicitly that
youtube.com/watch?v=z-KpAA4_afs
Go ahead, skip ahead to 25:19
>You can boot it without blobs, yes
He refers to RK3288
This applies to RK33XX chips as well
The RK3288 chromebooks are actually running entirely in Trustzone from boot
no blobs
none
ZERO BLOBS
now go play in traffic, CIA

same but acer ZG5 lel

>runs entirely in Trustzone from boot
ring -3 is default
immune to meltdown/spectre
dayuum
Intel BTFO by Rockchip
how can they ever recover?

"too difficult to fix" for google means this corporation simply doesn't see a high enough return on investment to employ their research team to work on this. this shouldn't be surprising to anyone.

Does that mean that windows is better than linux? Answer me, lincucks?

yes

Unless you write compilers the ISA isn't really all that big of an issue. It sucks, but most people don't write much ASM anyways.

The most glaring flaws with X86 chips was the sheer amount of shit the Intel and Microsoft shoved into the BIOS.

Tons of functionality that should be handled by the OS is done via BIOS call back functions. ACPI for example is a giant clusterfuck and its why hibernate/sleep has been janky. Also, who ever though SMI's where a good idea needs to be shot.

You're right. After all, games don't require OS to be patched and there can even be a miner or two in the background, the Windows user won't notice it anyway.
Windows > Linux because patches are for nerds.

which os?

oh no now everyone will have to buy epyc

Okay, so basically you have to use older hardware if you want to be secure. What's the most powerful CPU that doesn't have this vulnerability? Pentium III?

At this point shit like dsp style architectures are going to have to be the future where the onus would be on the compiler to figure out the speculative opportunities. End this superscalar bullshit and c-let garbage languages.

>be Intel
>take shortcut through brambles
>arrive sooner but sans pants

It's immune because these older Atoms don't support out of order execution in the first place.

>Pentium III
Try a 486DX4. All Intel CPUs since the original Pentium are vulnerable

AMD is the least vulnerable tho, even for Spectre (Zen 2 should also have more fixes)

I thought the "solution" that Intlel pushed was to just flush cpu cache with every context switch. How is this not enough?

InToddlers BTFO

If you don't mind going non-x86, then afaik it's the UltraSPARC T1, the last in-order execution CPU ever made.
I use a system with dual 400MHz UltraSPARC IIs as my home server and the thing runs like you seriously wouldn't expect it to. It does a shitload of stuff, including seeding 200+ torrents and running a small Minecraft (spigot with a few mods) server without breaking a sweat.
Sadly one of the fans went bad last month and one of the CPUs cooked itself, so I ordered a couple of 450MHz ones with twice the cache to replace the dual 400/2MiB setup. I have it running on a single 400 right now and it's far from useless - pic related.

I honestly do not know why everyone only considers RISC-V and POWER9 systems when it comes to botnet-free computing, when there are tons of modern SPARC machines out there being sold for extremely reasonable prices.

Attached: Screenshot_20190224-025307_ConnectBot_1.png (495x293, 28K)

Thats cool
is it only in chromebooks?

For me, ALARM
archlinuxarm.org/
But I want to get GuixSD running
No, there's a ton of rockchip SBCs
The local electronics store has Asus Tinker Boards which have the 3288
I'm looking at the NanoPC-T4 currently
It has a PCIe v2.1 x4 m.2 slot, which means NVMe SSD
The Rock64Pro has an m.2 slot too
But with a SSD inserted, it covers the CPU
No heatsink or fan possible

What we need is actual processors not mini computers virtualizing our processing. I don't know what those would be or are called but there should be no management system or microcode, just a hardware processor that runs code like it used to be.

yeah i was looking at aarm so you're saying you run i3 or xfce and firefox on that rock? what about storage, can you use an hdd somehow
what about xorg? what driver, does it tear?

it seems apple is heavily into arm with their idevices and the arm based t2/security microprocessor, but what ever happened to AMDs plans for the k4 arm based cpu?
did thry just abandon it, or was it purely vaporware from the start?

>based AI will literally take over control of all computers in the world
praise Tay

Attached: 1532355075819.png (647x935, 75K)

amd is already fixed.