Spectre is here to stay

As a result of our work on Spectre, we now know that information leaks may affect all processors that perform speculation…. Since the initial disclosure of three classes of speculative vulnerabilities, all major [CPU] vendors have reported affected products…. This class of flaws are deeper and more widely distributed than perhaps any security flaw in history, affecting billions of CPUs in production across all device classes.

From Ross McIlroy, Jaroslav Sevcik, Tobias Tebbi, Ben L. Titzer, and Toon Verwaest (all of Google) in "Spectre is here to stay: An analysis of side-channels and speculative execution". They continue:

While speculation is often informally equated with branch prediction, the concept of speculation is broader, since processors speculate in other ways not related to branch prediction…. Vulnerabilities from speculative execution are not processor bugs but are more properly considered fundamental design flaws…. Our paper shows these leaks are not only design flaws, but are in fact foundational, at the very base of theoretical computation.

These fundamental flaws in hardware architecture leave a serious legacy:

[W]e now believe that speculative vulnerabilities on today’s hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations….

It must be said, however, that all this doom and gloom mostly affects security within a process. For example: each Chrome window was a single process, despite running JavaScript from all over the web. So now:

Chrome’s defensive strategy shifted entirely to site isolation, which sandboxes code from different origins in different processes, thus relying on hardware-enforced protection.