I suspect that we could persuade those caches to flush to RAM, simply by exhausting the number of possible lines for that address - if the cache is set-associative. Of course modern processors have multiple levels of cache, so that makes it harder.
Hi AC,
This is sort of self-contradictory, so I don't really need to respond to it directly. I just want to point one thing out. I can't afford to work for any company as less than a C-level employee. It would be a salary cut from my current business.
Not to mention that I'd not like it.
An AC talking about balls. Pathetic.
Right. I didn't even bother responding to the taunts.
Coward really means coward. I am sorry for the folks who are afraid that their employer will take a dislike of what they post, but for them we have handles.
I can't say I'm happy about what's happened to Debian. Having Ubuntu as a commercial derivative really has been the kiss of death for it, not that there were not other problems. It strikes me that the kernel team has done better for its lack of a constitution and elections, and Linus' ability to tell someone to screw off. I even got to tell him to screw off when he was dumping on 'Tridge over Bitkeeper. Somehow, that stuff works.
IMO, don't create a happy inclusive project team full of respect for each other. Hand-pick the geniuses and let them fight. You get better code in the end.
This actually has something to do with why so many people hate Systemd. It turns out that Systemd is professional-quality work done by competent salaried engineers. Our problem with it is that we're used to beautiful code made by geniuses. Going all of the way back to DMR.
It really does look like Jomo did post this article, and it refers to another article of his.
What isn't to like about Ubuntu is that it's a commercial project with a significant unpaid staff. Once in a while I make a point of telling the unpaid staff that there really are better ways that they could be helping Free Software.
It's just that I object folks who would be good community contributors being lured into being unpaid employees instead.
Say how do feel about idiots working for corporations contractually enmeshed with the US military-industrial-surveillance complex. Why no spittle-laced hate for them?
The GNU Radio project was funded in part by a United States intelligence agency. They paid good money and the result is under GPL. What's not to like?
Keep all of the idiots that want to work for a millionare for nothing. Fire the others.
Anyone with sense has by now joined a non-profit project.
Compare-and-exchange and mfence would be doing cache flush all of the way to RAM and global cache line invalidation, wouldn't they? So, they can potentially be used to hammer too.
Multi-threaded programs really do need those cache flushes to implement their interprocessor communications, don't they? It seems to me that they would be the ones most likely to hit this problem.
It has yet to be established whether hammer techniques can result in a correct data+ECC pattern. If so, it should be possible to permute the memory in a way that defeats this, either on the memory module or the memory controller.
That would make a good research paper for someone.
Yes, you beat me to it. A correctly-configured ECC motherboard with real ECC memory would defeat this. Watch out for fake ECC memory that just simulates the correction bits.
Once memory starts being vulnerable to row interference, having a machine without ECC becomes much more dangerous, regardless of this exploit.
You have the Part 15 and ISM services for that. You really can buy a microwave link that's metropolitan-distance and legal to use.
We lost much of our 440 capability to PAVE PAWS in California. Remember, Amateur Radio is not the primary service on many bands. The military is on 440.
If you want that nearly infinite microwave spectrum, you have the Part 15 and ISM services. Absolutely nothing is stopping you. Power is not the issue with those frequencies, it's line of sight and Fresnel zones.
No, I absolutely do not have to prefix my words with anything. You do that by posting as an anonymous coward. I use my real name to indicate that I stand behind my words.
Yes. The usual mechanism here would be WiFi security, with HTTPS or SSL inside of it.
A penny saved is a penny to squander. -- Ambrose Bierce