Apple’s GoFetch silicon security fail was down to an obsession with speed


OPINION Apple is good at security. It’s good at processors. Thus GoFetch, a major security flaw in its processor architecture, is a double whammy.

What makes it worse is that GoFetch is a class of vulnerability known about years before the launch of Apple Silicon processors. How did Apple’s chip designers miss it? A similar problem exists in Intel’s 13th Gen CPUs too. Spectre and Meltdown were discovered in 2018, after all. Is this a fundamental problem in modern processor design – an evolutionary misstep from which there’s no return? The answer is part Einstein, part paranoia, and part marketing. Oh yes.

Let’s start with Einstein, who said one of the rules of reality is that the further away something is, the longer it will take to get to you. Chip designers have to deal with that and other factors by keeping copies of frequently used data in small high-speed caches close to the processor. Doing this efficiently is essential and complex. It makes a ton of assumptions about what data will be needed and when, and how to make the transfers into the cache system neither too small nor too big. It’s a huge engineering challenge, and absolutely vital to performance.

Read more…