Let’s prove it by contradiction:
Lets say you pick the larger ones and drop the smaller ones every single round, you have lost the probabilistic guarantee of 1/2^k that the authors show because the most frequent words will be the lost frequent in subsequent rounds as well. This is the intuition, the math might be more illuminating.
Although I am rooting for Intel, the leadership is just not an execution machine. Pat is a very good CEO, and he understands technology as much as the business. But the next level simply doesn’t have that charisma to deliver. I wouldn’t be surprised to see many delays and eventually a product which is years behind competition.
Exactly. Considering that Brahui is a Dravidian language, I always wondered how can regions so disjointed (Pakistan and South India separated by at least a few thousands of kilometres) have a common origin.
David McAlpin made a very strong case for Brahui *not* being a Dravidian language, but rather descended from the proto-elamite language family. He showed how Proto dravidian and Proto-elamite could have descended from the same parent language - he calls this Proto Zagrosian.
It's a very interesting take and I am personally convinced that he's on the right track.
I don’t get it. If security is so important, then it should be okay to sacrifice performance. Why is there such inertia in accepting this? If security is all that is needed, get an in order completely non speculative core with no branch prediction (you can’t even run your side channels in this case efficiently)
This is extremely controversial given that the only marketing criterion of CPUs is .. performance.
If it can be hived off to a separate core, quite possibly on a separate die to avoid power attacks, then that seems a sensible approach from a hardware architecture point of view. But that complicates the software: how do you run your security critical browser Javascript on the co-processor?
How many times have you been hacked by a side-channel exploit? (Or people you know? Or any publicly documented case?) Are you going to use a computer that runs at 1/10th the speed to mitigate that risk going forwards?
Keep in mind that a ton of non-side-channel exploits are caught in the wild every year, so your slow new computer isn't really secure, it's just not vulnerable to these specific attacks.
(For 1/10th: the Cortex-A55 in the following chart is the only "in-order" CPU: https://images.anandtech.com/doci/17102/SPECint2017_575px.pn... - though arguably even it isn't completely non-speculative, and it definitely has branch-prediction, but it's at least a reasonable ballpark.)
The problem is that security is only important when you're running your valuable IP code and extremely private data on someone else's computer, right next to arbitrary code written by a third party.
No, that's nothing like my day-to-day work in a text editor and compiler or CAD app on my personal box, where choosing performance over security is obvious. But it basically describes the hyper-competitive modern cloud computing ecosystem exactly.
Unfortunately, due to consumer irrationality and imperfect information, economics seems to indicate that the best way to get money out of the value that can be added through software is to sell subscriptions to online services, not shrink-wrapped DVDs. Now that this has been discovered, I think we're unlikely to get a world where we all have insecure, high-performance local machines that don't depend on cloud services.
I've never personally been hacked by a side-channel exploit. A customer I work with recently got hacked by ransomware, which was scary, they've spent the last month wiping everything and restoring ~95% of their data from backups, but I feel safe assuming I'm just not interesting enough to be at risk of to high-effort spear-phishing hardware side channel attacks.
> The problem is that security is only important when you're running your valuable IP code and extremely private data on someone else's computer, right next to arbitrary code written by a third party.
I mostly agree in principle but disagree with your introduction. Unless you don’t use a web browser.
Your browser is an untrusted computing environment that is constantly downloading and running 3rd party code in sandboxed environments.
A modern browser looks a lot like an edge node running on-demand short-lived programs from 3rd parties.
Not sure you read that chart right. It's slower because it's much lower power.
Out of order execution gives on the order of 2x speed improvement not 10x. I would imagine branch prediction gives a much bigger benefit but nobody is going to make a performance sensitive processor without branch prediction (whereas in-order is still common).
Absolute secure system is absolutely not practical. Good security is always a tradeoff. Sacrificed performance means increases resource usage - more chips and more energy per unit of computation and while humanity still burns coal/carbohydrates to make electricity increased CO2 emissions can be too high price to gain marginal improvement in security. Even if electricity is free of negative externalities we still have limited resources and need to think if better to allocate them to improve security or something else.
Even a very low penalty isn't something that the industry is willing to produce..
For example, the RISC-V is derived from the MIPS, the MIPS had some instruction to trap on integer overflow, it's a very minor penalty to have these instructions, and guess what? They haven't been included in RISC-V..
Except that as soon as you have two instructions instead of one, people starts talking about cache pressure and turns off the safety.
Optional security == no security.
Arm Cortex-R series is intended to very hard real-time, and do branch prediction only if explicitly enabled
> However, the Cortex-R7 and Cortex-R8 do not enable branch prediction automatically at reset. This means software must enable branch prediction to get the maximum hardware performance.
Wow the guys in the newsroom didn’t believe what they were saying and still said it. If there was a word for journalistic non-integrity, I’m searching for it now.
Get a higher paying job. While that is harder said than done, the process of preparing for such a job search, could keep you prepared for the worst should it come.
I don’t get why other chip manufacturers don’t go this same route. For example AVX is done on the same core that also supports integer math. Many companies have a separate GPU but AVX seems to always come prepackaged.
I have always found myself more engrossed and wanting to run if I have a great podcast series or a great audiobook to listen to. Lately haven’t been getting any good recommendations and feeling like it is a chore to run.
Maybe having a bet like this with my sister who is also trying to become more active might help.
