Spectre and Meltdown are two of the most serious security flaws we’ve seen in years. While it’s not clear how often we’ll see either exploited in the wild, they’re dangerous because they target the fundamental function of the affected chips themselves rather than relying on any software flaw. Meltdown can be addressed by a patch, while Spectre’s attack methods are still being analyzed. Building CPUs that aren’t vulnerable to these attacks under any circumstances may not be possible, and mitigating some threat vectors may require fundamentally new design approaches.
Over at ZDNet, Jason Perlow argues these latest failures are proof the x86 standard itself needs to be destroyed, root and branch. He compares the flaws in x86 with a genetic disorder and writes:
Essentially, the only cure — at least today — is for the organism to die and for another one to take its place. The bloodline has to die out entirely.
The organism with the genetic disease, in this case, is Intel’s x86 chip architecture, which is the predominant systems architecture in personal computers, datacenter servers, and embedded systems.
The idea x86 represents some kind of millstone around Intel and AMD’s collective neck rests on an intrinsic assumption that x86 is old and being old equals bad. But let’s be honest here: While a modern Core i7 or Ryzen 7 1800X can still execute legacy 32-bit code that ran on an 80386, there’s no 80386 hardware still knocking around inside your desktop CPU. Even in scenarios where the CPU is running the same code, it isn’t running that code through the same circuits. Modern CPUs aren’t made with the same materials or processes that we used 30 years ago, they aren’t built to the same specifications, they don’t rely on the same techniques to maximize performance, and referring to the age of x86 is a way of painting an architecture poorly for rhetorical purposes, not an accurate way to capture the benefits and weaknesses of various CPU designs.
There may well come a day when we replace x86 with something better. But it isn’t going to happen just because x86 chips, like non-x86 chips, are impacted by design decisions common to high performance processors from every vendor. Open source hardware is a nifty idea and I welcome the advent of RISC-V, but there’s no proof an OSS chip would’ve been less susceptible to this type of attack. x86, ARM, and the closed-source CPU model aren’t going anywhere and these security breaches offer no compelling reasons why they should.