Roman wrote:
That Intel-specific bug and now these cross-platform two... I just have no words.
https://meltdownattack.com
https://googleprojectzero.blogspot.com/ ... -side.html
Quote:
In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it.
Wouldn't it be enough to invalidate the entire cache every time we switch/enter/exit/terminate/create a process or thread? Or just disable the CPU cache entirely for security-critical machines?
It seems to me that the intention is just having a cache that is separated for each process (instead of the existing one which is global to the CPU/computer) so there is no possibility to read leftover cached data between arbitrary processes.
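
An added illustration, not part of the post above or of the quoted paper: a toy cache model that compares the two ideas raised here (flushing on every context switch, a per-process cache) with a shared cache. The cache geometry, policy names and function names are assumptions of the example, and addresses are treated as physical addresses of memory that both processes can reach. It also covers the situation in the quoted passage, where the observing code runs inside the same process as the data and no context switch takes place.

```python
# Toy model (constructed for illustration): a direct-mapped cache used by
# several processes, with three policies for handling context switches.
from dataclasses import dataclass, field

LINES = 64          # number of cache lines in the model (assumed)
LINE_SIZE = 64      # bytes per cache line (assumed)

@dataclass
class ToyCache:
    policy: str                                   # "shared", "flush_on_switch" or "per_process"
    current: int = 0                              # pid of the running process
    lines: dict = field(default_factory=dict)     # index -> (owner pid, tag)

    def switch_to(self, pid):
        # Only a real change of process triggers the flush policy.
        if pid != self.current and self.policy == "flush_on_switch":
            self.lines.clear()
        self.current = pid

    def access(self, addr):
        """Touch addr; return True on a hit, False on a miss (the line is then filled)."""
        block = addr // LINE_SIZE
        index, tag = block % LINES, block // LINES
        entry = self.lines.get(index)
        if self.policy == "per_process":
            hit = entry == (self.current, tag)    # lines owned by other pids never hit
        else:
            hit = entry is not None and entry[1] == tag
        self.lines[index] = (self.current, tag)
        return hit

def residue_seen(policy, victim_pid, observer_pid, addr):
    """The victim touches addr; does the observer then get a cache hit on it?"""
    cache = ToyCache(policy)
    cache.switch_to(victim_pid)
    cache.access(addr)
    cache.switch_to(observer_pid)
    return cache.access(addr)

if __name__ == "__main__":
    for policy in ("shared", "flush_on_switch", "per_process"):
        cross = residue_seen(policy, 1, 2, 0x1234)   # two different processes
        same = residue_seen(policy, 1, 1, 0x1234)    # same process, e.g. sandboxed script
        print(f"{policy:16} cross-process residue={cross}  same-process residue={same}")
```

In this model both flushing and per-process tagging remove the cross-process residue, while the same-process case still hits under every policy because no context switch ever occurs.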