First, there was Google Project Zero, that discovered three security flaws that are inherent in the design of modern CPUs. Then there were chaotic attempts to fix those flaws, but some older hardware will simply be left unfixed… Nice idea to make CPU sales go up again!
Those were three (3) flaws: Meltdown, Spectre V1 and Spectre V2. Modern BIOSes, ähm, UEFI firmware does fix Spectre partly by microcode updates. But again, only newer CPUs get those updates and CPU performance will in general be lower afterwards, since it was by design in order to make CPUs faster, but the design was flawed and now the workaround fixed it while making the CPU slower, obviously. Developers of operating systems have also implemented different strategies to mitigate the flaws.
And now the story continues… now there is Spectre NG: eight—yes, EIGHT (8)—additional security flaws, presumably also by design. One is said to be very dangerous (a “high risk” fault), 3 are high risk and 4 are medium risk.
So, my question to you all: are you even interested? Is it relevant in your lives?
For game developers: Does it affect you at all? Are there any mitigations that you have to account for during game development (software in general)?
For us users: are you worried at all?
Anyway, I haven’t read anything about it here on the forums yet, but I’m interested in your thoughs on Meltdown, Spectre and Spectre NG (final names to be determined, CVE numbers already reserved)…
[li]Meltdown and Spectre: ‘worst ever’ CPU bugs affect virtually all computers[/li]
[li]Spectre and Meltdown flaws being exploited by more than 100 strains of malware[/li]
[li]Spectre-NG: Security bods uncover eight new ‘Spectre-class’ flaws in Intel CPUs[/li]
Thanks in advance!