Replies

They had a back door, but we discovered it, and now it’s a hugh chip-based Intel security problem. It is called the Meltdown bug.

Close, Lax, but not quite right. On mobile devices it was the Spectre malware. . . not Meltdown.

That predictive-processing backdoor had very limited capabilities. . . especially on ARM processor based mobile devices. Was it a danger? Yes. Did it have the capability to process large, complex apps? No, only specific functions that were likely to be called next in reference to what was being calculated currently and results cached. That process could hijacked for similarly small processes. The entire app sized processes could not be used.

Meltdown and more generally, Spectre. The modern assembly line is the "magic" employed by fast chips. They employ cache memory to grab a sequence of future instructions and "speculatively execute" them with the hope that doing so was the correct choice and the concurrent activity "saves time". In general, it works well. Compilers are optimized to help the "pipeline" strategy. When the guess goes "wrong", there is a "pipeline stall" and the processing falls back to executing exactly "what you see is what you get" in real time.

The "bad guys" figured out a way to exploit the cached data to glean information. The only way to prevent this is to stop using pipelined cache with speculative executions. In practice, the measured slowdown ranges from 17 to 29 percent slower.

The inability to break the encryption in a timely fashion is by design. If you must encrypt to prevent spying on your data, increase the level of "fun" by encrypting lots of nonsense trivial an mixing it with a real items. The interlopers have no idea which items are relevant and which are nonsense. All will require lots of CPU cycles. Choose something really challenging that isn't subject to defeat with big data solutions e.g. "rainbow tables" that map a replacement string for every possible hash value.