The Elite Intel Team Still Fighting Meltdown and Spectre

Throughout 2018, researchers inside and outside Intel continued to find exploitable weaknesses related to Meltdown and Spectre class of "speculative execution" vulnerabilities. Fixing many of them takes not just software patches, but conceptually rethinking how processors are made. From a report: At the center of these efforts for Intel is STORM, the company's strategic offensive research and mitigation group, a team of hackers from around the world tasked with heading off next-generation security threats. Reacting to speculative execution vulnerabilities in particular has taken extensive collaboration among product development teams, legacy architecture groups, outreach and communications departments to coordinate response, and security-focused research groups at Intel. STORM has been at the heart of the technical side. "With Meltdown and Spectre we were very aggressive with how we approached this problem," says Dhinesh Manoharan, who heads Intel's offensive security research division, which includes STORM. "The amount of products that we needed to deal with and address and the pace in which we did this -- we set a really high bar."

Intel's offensive security research team comprises about 60 people who focus on proactive security testing and in-depth investigations. STORM is a subset, about a dozen people who specifically work on prototyping exploits to show their practical impact. They help shed light on how far a vulnerability really extends, while also pointing to potential mitigations. The strategy helped them catch as many variants as possible of the speculative execution vulnerabilities that emerged in a slow trickle throughout 2018. "Every time a new state of the art capability or attack is discovered we need to keep tracking it, doing work on it, and making sure that our technologies are still resilient," says Rodrigo Branco, who heads STORM. "It was no different for Spectre and Meltdown. The only difference in that case is the size, because it also affected other companies and the industry as a whole."

Intel shits bed massively, hires cleaning crew

To clean their massive shitty bed.

Re:Better solution: less Intel

While Intel has its issues as a company, the real issue here is the dominance on x86. Its a closed architecture so only Intel and anyone with an x86 license, only AMD and Via at this point, can actually make x86 compatible chips. ARM is also closed so if I had my choice it wouldn't be as popular either. Ideally something truly open like RISCV is best because then anyone could design a chip and we would have real competition. They have Linux running natively on RISCV now but there still remains much work to be done, no JIT compiler for JS for example so web performance is abysmal. RISCV is already making real headway into the industry with adoption by many companies as embedded controllers. This is great, but general purpose consumer CPUs will need to run windows and will need to run all sorts of preexisting applications. Its the desktop Linux problem all over again but even worse. What made the PC and x86 dominate to begin with was its adoption by business. For RISCV or anything else to do that it will need to run everything existing business PCs run. And I dont mean FOSS equivalents, I mean the same exact shit. Many companies and institutions have old ass legacy software written long ago by developers who are long gone. They are compiled into binaries made for windows on an x86 chip. Virtualization has done a lot of good but can only go so far in this regard. The outlook is bleak for replacing x86, its too much of a cornerstone of modern PCs and the mountain of software they have.