@phryk LOL! Well, that won't necessarily mean that there won't be hardware vulns with RISC-V, just that it will be visible to those assessing them as opposed to just Intel's eyes.

@claudiom

Of course not, but one of the main reasons I don't use proprietary software is that a public review isn't possible and IMO the same applies to hardware – it's just that open/libre computing hardware mostly doesn't exist.

Hence, I have high hopes for projects like https://libresilicon.com/ and @fsi to bring about trustable computing technology.

@phryk @claudiom The main reason RISC-V implementations aren't yet affected by the latest cutting-edge bugs is because they haven't yet been optimized enough to have leaky abstractions. 😀

@freakazoid I think it's just that nothing's perfect. It's just how it all is. Everything has a weakness that hasn't been discovered yet, until it is.

@freakazoid I think there's a consensus that whatever you have will have an attack vector, some unfixable, and you just have to know whether it affects you and how to mitigate it if it does.

@claudiom Security isn't binary, though. Complex things are MUCH harder to secure than simple things.

@claudiom Also, Intel themselves make chips, their experimental "cloud CPUs", that should be much less susceptable to these sorts of attacks by making it unnecessary to share cores or caches among mutually distrusting workloads.

@freakazoid Indeed.