Computer systems have become massively complex in pursuit of the seemingly number-one goal of performance. We’ve been extraordinarily successful at making them faster and more powerful, but also more complicated, facilitated by our many ways of creating abstractions. The tower of abstractions has allowed us to gain confidence in our designs through separate reasoning and verification, separating hardware from software, and introducing security boundaries. But we see again that our abstractions leak, side-channels exist outside of our models, and now, down deep in the hardware where we were not supposed to see, there are vulnerabilities in the very chips we deployed the world over. Our models, our mental models, are wrong; we have been trading security for performance and complexity all along and didn’t know it. It is now a painful irony that today, defense requires even more complexity with software mitigations, most of which we know to be incomplete. And complexity makes these three open problems all that much harder. Spectre is perhaps, too appropriately named, as it seems destined to haunt us for a long time.
When engineers are allowed to do what they like without consulting security experts, these kinds of things happen ... and become memorialized and difficult to undo.