Spectre, which is called LFENCE, places sensitive code in a waiting area until the security checks are executed, and only then is the sensitive code allowed to execute. But it turns out the walls of this waiting area have ears, which our attack exploits. We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel.”
It would be even more difficult to rectify this newly found flaw. In the previous Spectre attacks, developers devised a reasonably simple method of preventing any kind of attack without sacrificing significant computing performance. Logan Moody, a Ph.D. student said, “The difference with this attack is you take a much greater performance penalty than those previous attacks”. Venkat’s team has informed Intel and AMD’s product security teams about the flaw. The highly ambitious International Symposium on Computer Architecture, or ISCA, has accepted the team’s report.
