> We're going to wind up undoing the last 20 years of performance gains in the name of 'security', and it scares me.
This actually excites me. When the foundation is shown to be rotten, it's time for a new foundation.
I'm optimistic, though, that the future holds a fork, with some devices insecure-but-fast and others secure-but-slow. Because there's a market for both. I don't care if my gaming hardware is vulnerable to Spectre because ideally there's nothing worth stealing there anyway. Email/messaging hardware can afford to be a -lot- slower than my gaming rig without any appreciable impact on the experience.
Perhaps the future holds motherboards that look like the physical embodiment of Qubes OS, with secure and insecure chips running compartmentalized features based on their security/speed requirements. We already do something like this for performance with the divide between CPUs and GPUs.
I have a feeling that the wide spectrum of different ways to mitigate CPU bugs will slow down the demand for a new "slow and steady" CPU architecture. Linux already comes with a feature to wipe the L1 cache on every context switch -- simply enabling this option will compete with brand new architectures for a while.
A major advantage of not adopting new CPU designs for a while is that you get to keep insecure-but-fast and secure-but-slow behavior in the same CPU by simply tweaking mitigations.
Good thinking, although I'd be a little wary about making a clear distinction between those two classes of device.
It'd seem both theoretically and practically possible to engineer hardware that could enable and disable certain optimizations and extensions dynamically.
(note that energy consumption may also be a related factor here)
This actually excites me. When the foundation is shown to be rotten, it's time for a new foundation.
I'm optimistic, though, that the future holds a fork, with some devices insecure-but-fast and others secure-but-slow. Because there's a market for both. I don't care if my gaming hardware is vulnerable to Spectre because ideally there's nothing worth stealing there anyway. Email/messaging hardware can afford to be a -lot- slower than my gaming rig without any appreciable impact on the experience.
Perhaps the future holds motherboards that look like the physical embodiment of Qubes OS, with secure and insecure chips running compartmentalized features based on their security/speed requirements. We already do something like this for performance with the divide between CPUs and GPUs.