It boils down to isolating memory caches on processors in a way that prevents them from seeing what they do not need to know. MIT likens it to putting walls in a kitchen that prevent cooks from seeing each other's ingredients and tools. There are several separate cache ways with custom domain IDs, all of which are validated. New policies, meanwhile, deal with cache "misses" that can signal an attack. You cannot try cache hits on these domains in a bid on
The result is an approach that protects against much more than Intel's preventive Cache Allocation Technology (CAT), but offers "comparable" performance. While it will not work against all sorts of speculative attacks, it's still better, and it protects against non-speculative attacks that CAT could never cope with. There is ongoing work to help DAWG tackle more speculative attacks as well, and it would require "very minimal" changes in operating systems.
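To make the kitchen-wall idea concrete, here is a simplified model of one cache set with and without per-domain way partitioning. It is an added illustration, not MIT's design or code: the `CacheSet` class, the LRU policy, the domain names and the tags are all assumptions chosen for the example.

```python
# Toy model (added example): one set of a set-associative cache with LRU
# replacement and optional per-domain way partitioning. All names are constructed.

class CacheSet:
    def __init__(self, n_ways, way_mask=None):
        self.ways = [None] * n_ways        # tag stored in each way, None = empty
        self.last_used = [0] * n_ways      # logical timestamp of last access
        self.clock = 0
        # way_mask: domain -> list of way indices it may use; None = fully shared
        self.way_mask = way_mask

    def _allowed(self, domain):
        if self.way_mask is None:
            return list(range(len(self.ways)))
        return list(self.way_mask[domain])

    def access(self, domain, tag):
        """Return True on a hit, False on a miss (the line is then filled)."""
        self.clock += 1
        allowed = self._allowed(domain)
        for w in allowed:                  # a hit only counts in the domain's own ways
            if self.ways[w] == tag:
                self.last_used[w] = self.clock
                return True
        # Miss: the replaced way is chosen only among the domain's own ways
        # (empty ways first, otherwise least recently used).
        victim = min(allowed, key=lambda w: (self.ways[w] is not None, self.last_used[w]))
        self.ways[victim] = tag
        self.last_used[victim] = self.clock
        return False


def observer_misses(cache, n_own, other_tags):
    """Observer loads n_own lines, another domain runs, observer re-reads its lines.
    Returns how many of the observer's re-reads miss."""
    own = [f"obs{i}" for i in range(n_own)]
    for t in own:
        cache.access("observer", t)
    for t in other_tags:
        cache.access("victim", t)
    return sum(not cache.access("observer", t) for t in own)


if __name__ == "__main__":
    busy = ["v0", "v1", "v2"]              # constructed activity of the other domain
    walls = {"observer": [0, 1], "victim": [2, 3]}
    print("shared, other domain busy:", observer_misses(CacheSet(4), 2, busy))
    print("shared, other domain idle:", observer_misses(CacheSet(4), 2, []))
    print("partitioned, busy        :", observer_misses(CacheSet(4, walls), 2, busy))
```

In the shared set the observer's miss count changes with the other domain's activity; with the way masks in place it stays at zero either way, which is the isolation property the article describes.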
The challenge is to get companies to use the feature. MIT's team is hopeful that companies such as Intel will pick up the idea, but it is not guaranteed. As it is, typical lead times for processors can mean a long wait, even if the industry adopted the concept right away. Nevertheless, this raises hope that there is a true solution to Meltdown and Spectre that does not involve a significant speed hit.