Discussion in 'Article Discussion' started by bit-tech, 4 May 2018.
Think i'll be waiting for new architecture then.
Wonder that's why they've been swiping AMD staff? (Yes I know they've had their own "issues" but not quite as comparable IMO).
That took longer than expected. Remember, 'Spectre' isn't just 'a' new vulnerability, it's a whole new class of side-channel attacks. Expect to see a lot of whack-a-moling over the next few years as implementations are invented.
Demanding a company "just fix Spectre" makes about as much sense as demanding they "just fix buffer underruns".
::EDIT:: Looks like, as before, these potentially affect all architectures that implement Speculative Execution.
So, what we're really saying here is that certain (or all chip makers) can't guarantee that the products they sell us today will not be susceptible to some vulnerability tomorrow? If that's the case then It's pretty much been the way of the tech hardware & software world for some time. I'm sure we're all used to this by now, accept the risks, mitigate them as best we can, cross our fingers and just get on with our lives.
Yeah when they get around to telling people about them that is...
And I can't say i'm as relaxed as you as dropping a big wadge of cash on a chip that gets newly released even when flaws are known, except to the buyer - coffee lake released in oct 17 and Intel had been told of the vulnerabilities mid 2017.
Anybody know if there's been an update on the 'conincidental' mass share selling before making the inital announcement btw?
Article updated with the following statement from Intel:
'Protecting our customers’ data and ensuring the security of our products are critical priorities for us. We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date.'
Separate names with a comma.