[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Cryptography] Intel trump-ets "walls" to defeat Spectres
- From: Henry Baker <hbaker1 AT pipeline.com>
- Subject: [Cryptography] Intel trump-ets "walls" to defeat Spectres
- Date: Thu, 15 Mar 2018 12:19:39 -0700
- Arc-authentication-results: i=1; mx.google.com; dkim=neutral (body hash did not verify) firstname.lastname@example.org header.s=dk12062016 header.b=sW5GCNn0; spf=pass (google.com: best guess record for domain of cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com designates 18.104.22.168 as permitted sender) smtp.mailfrom=cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=pipeline.com
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :message-id:mime-version:from:to:date:domainkey-signature :dkim-signature:delivered-to:arc-authentication-results; bh=xsn+VEHKJUbvhg8TF1khL1pfpWZw3i594YHn8RDnuQ0=; b=x2s3Zm0Ltp6Y4vSceabotiQks3qBXuEB4J3YHfOLTIQrajlkxTNwQaG06djd3+BaL7 jOqqItZua+0PKiEwrUA5co8eoEec0Krx7zbY74wT+fwRdzehDv97ATMCWZxMrnE/spoo /LfZhpsEYPFn94vW0Y9uamVt0cgVMepN2QIH6DRv+XkWeGePRKAsk6uS7l3RCDT1KqCl SITROOL5KmtLz+nrFqaW6sD62i0q5NBGajj/q1S+ZEFxdC6DJ/zONkwUf/DrEDHjEyOz vrAfSmD+aN6dtxs20IJyuuh6if6Kqju+5bG9K13g2GBC6Dtawg4JNV8RFUKSBpYSxmqv dKVQ==
- Arc-seal: i=1; a=rsa-sha256; t=1521175207; cv=none; d=google.com; s=arc-20160816; b=fT2WtyYJXJjPMWOlsJTL/WJirPwmYuyQVIwYrE8bhS9lCfm+CBgJP/rtKVZ0Jb9Zqd dxqG3MX8iAmukFQQzJzo0NKmFYab9ihlV7kI/dSx/BHx/zqvuIj9HPhXIQ1iou2RNkjA AUWdJnDawk3NSmGWWznzg2n3k+S6IMCPBsyR0J4V9Peo3lHE72yp0K8cl/XnXqNJEgvU PMDwNNXkGJXYTknM2PSXQfEErHa4BvmU44Pky1BB07ZaZt4G3cjH2EGtKdNSVAGlYznV vFDl65saVLt+YhWQKuixkf8INJpHaQSaLL4azxobus/5aIg2waqNOxH9fufvJXQmfoO9 98MQ==
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=dk12062016; d=pipeline.com; b=JG06yo/VseW3G8bAwpPoPMECv4ilX6jVEzbN0adQygmRxZa6rzVel9lafweXnnFmxfWo2Bs6cDbw+P9YlZMFyHVot6L1dYAKrTG/PvNC4qswxU5cjNb2pq9CInSRciHVXbTkHSOIhLPa9Lnt8XAmZoJWf8Bxwj0cbgFCymV0dbqytj0y23XDlGX4wKHTELGvfWe9neUq6itU4o2pdGZ/225hKXvttHLp/YchU0nP+A0ia4vj0V1mmybScTRonNlJXVZbWOivueVdEIAdACK2g6p6/x1Sy/SVJiGhyxj324ynbJBpn6bkZXxSH5f9qplsgRAKZsyA925J3j7M5pcr6Q==; h=Received:X-Mailer:Date:To:From:Subject:Mime-Version:Content-Type:Content-Transfer-Encoding:Message-ID:X-ELNK-Trace:X-Originating-IP;
- List-archive: <http://www.metzdowd.com/pipermail/cryptography/>
- Sender: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>
- To: cryptography AT metzdowd.com
Advancing Security at the Silicon Level
Hardware-based Protection Coming to Data Center and PC Products Later this Year
By Brian Krzanich
In addressing the vulnerabilities reported by Google Project Zero earlier this year, Intel and the technology industry have faced a significant challenge. Thousands of people across the industry have worked tirelessly to make sure we delivered on our collective priority: protecting customers and their data. I am humbled and thankful for the commitment and effort shown by so many people *around the globe*. And, I am reassured that when the need is great, companies and even competitors will work together to address that need.
we are making changes to our hardware design to further address the other two. We have redesigned parts of the processor to introduce new levels of protection through *partitioning* that will protect against both Variants 2 and 3. Think of this partitioning as additional "protective walls" between applications and user privilege levels to create an obstacle for bad actors.
We're sorry that this has taken so long, but Intel needed to "nerd harder" to redesign our backdoors and provide new niches where we could hide the keys for the housekeeping maids & gardeners. These backdoors & niches improve *your* security, by allowing these hard-working folks to keep a watchful eye out for "bad actors".
Our IP lawyers have also been working overtime to come up with words and phrases that make what we're doing appear novel enough to build a patent wall against AMD and ARM. We're hopeful that they've now succeeded.
Our researchers in India and Pakistan have assured us that these novel "partitions" will provide the safety and security blanket that our customers have become accustomed to from Intel.
The cryptography mailing list
cryptography AT metzdowd.com