It boils down to isolating memory caches on processors so that they do not see anything they do not need to know. MIT compares it to placing walls in a kitchen that prevent cooks from seeing each other's ingredients and tools. There are several separate cache paths with their own domain identities, each of which is validated. New policies deal with cache errors that could signal an attack. You cannot try for cache hits across these domains in a bid on
. The result is an approach that protects much more than Intel's pre-Spectre Cache Allocation Technology (CAT), but provides "comparable" performance. It will not work against every speculative attack, but it's still better
The challenge is to get companies to use the feature. The MIT team is confident that companies like Intel will pick up on the idea, but that's not guaranteed. And typical processor development times could mean a long wait, even if the industry adopted the concept immediately. Still, this raises the hope that there is a real solution for Meltdown and Spectre that does not significantly hurt performance.
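The cache isolation described above can be seen in a small software model. This is an added illustration, not the MIT team's design or code: the single cache set, the LRU replacement policy and the domain names `observer` and `victim` are assumptions made for the example.

```python
class PartitionedSet:
    """Toy model of ONE cache set with LRU replacement (not the MIT design).

    way_owner[i] names the only domain allowed to hit in or fill way i
    (a "way" is one of the separate cache paths); None means the way is
    shared by every domain, i.e. no isolation.
    """
    def __init__(self, way_owner):
        self.way_owner = list(way_owner)
        self.tag = [None] * len(way_owner)   # tag currently held by each way
        self.age = [0] * len(way_owner)      # last-use tick, used for LRU
        self.tick = 0

    def allowed(self, domain):
        return [i for i, o in enumerate(self.way_owner) if o in (None, domain)]

    def access(self, domain, tag):
        """Return True on a hit; on a miss, fill the LRU way this domain owns."""
        self.tick += 1
        ways = self.allowed(domain)
        for i in ways:
            if self.tag[i] == tag:           # hits are checked in own ways only
                self.age[i] = self.tick
                return True
        lru = min(ways, key=lambda i: self.age[i])
        self.tag[lru], self.age[lru] = tag, self.tick
        return False

def probe_misses(way_owner, victim_runs):
    """Observer fills its ways, the victim optionally runs, observer re-reads.

    The miss count on the re-read is what a cache-timing observer would see.
    """
    cache = PartitionedSet(way_owner)
    lines = ["obs%d" % i for i in range(len(cache.allowed("observer")))]
    for t in lines:
        cache.access("observer", t)
    if victim_runs:
        for t in ("vic0", "vic1"):           # constructed victim working set
            cache.access("victim", t)
    return sum(not cache.access("observer", t) for t in lines)

def cross_domain_hit(way_owner):
    """Victim loads a line; does the observer then get a hit on it?"""
    cache = PartitionedSet(way_owner)
    cache.access("victim", "lib")
    return cache.access("observer", "lib")

SHARED = [None] * 4                                      # every way shared
ISOLATED = ["observer", "observer", "victim", "victim"]  # ways split by domain
```

With `SHARED`, the observer's miss count changes depending on whether the victim ran; with `ISOLATED` it stays at zero either way, and a line loaded by one domain never produces a hit for the other.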