Google details how it protected services like Gmail from Spectre

From Engadget - January 12, 2018

However, the second variant of Spectre proved a lot more problematic. Google's engineers thought the only way to protect against it was to switch off the CPU features that made the chips vulnerable to attackers. Unfortunately, doing that slowed down applications considerably and caused inconsistent performance, so the tech titan had to look at unusual or "moonshot" solutions. It found the answer in Retpoline, a technique conjured up by Google Senior Staff Engineer Paul Turner, which "modifies programs to ensure that execution cannot be influenced by an attacker."

Retpoline allowed Google to protect its services from the second variant of Spectre without having to modify source codes or to switch off hardware components. And by December, the company was done rolling our protections against all three variants. Google reiterates that it received no support tickets related to the updates, but then again, people might have attributed their complaints to other things if they did not know about the flaws.


Continue reading at Engadget »