Researchers keep finding Spectre-style bugs in processors

In January 2018, researchers made a blockbuster announcement of seemingly unpatchable security bugs lurking in Intel processors; after a round of initial reassurances about the mitigations for these bugs, it became apparent that the reassurances were overblown, and active exploits were found in the field -- and then still-more bugs exploiting "speculative execution," started to pour out of the security research community. Read the rest

Google says it can mitigate Spectre with "negligible" effect

Two days ago, an industry/academic team released a terrifying alert about a pair of CPU bugs called Spectre and Meltdown that allowed one program to steal data from another, even with the best memory-management and isolation techniques -- news that meant that virtually all the mission-critical computers in the world could no longer be trusted to handle sensitive data securely. Read the rest