[Cryptography] Speculation considered harmful?

[Henry Baker]

At 11:16 PM 1/14/2018, John Gilmore wrote:
>Fixing the Meltdown & Spectre attacks doesn't require tearing down all of computing and starting over -- no matter how much the cranks and losers of the architecture wars would like it to.
>
>It just requires fixing a few implementation bugs (like always stop speculating when you get a memory fault).

I'm not that sanguine that all of these "speculation-related" bugs have been found.

The real world is full of speculation-related bugs, including the recent "Great Recession", caused in part by speculation in options on contrived synthetic financial instruments.

In its greatest generality, "speculation" is a form of probability distribution function "tail stuffing", whereby the *average* case cost is improved by small percentage points in exchange for larger costs in (hopefully rare) "tail" (aka corner) cases.  Speculation is particularly rewarding if/when you can simultaneously shift these larger costs to another party!

The paradigm economic example is "picking up pennies in front of a steam roller".

A company culture isn't defined by those fancy *mission statements* constructed by expensive consultants; it is defined by "who gets fired for which reason".

Up until recently, privacy and security were "hand waves" for computer architects; no CEO ever got fired for destroying customers' privacy or security, but they traditionally did get fired for poor computer performance.

Equifax has finally changed the calculus for CEO's of companies holding large amounts of customer information; there needs to be an equivalent computer company CEO firing before computer architectures finally get serious about privacy and security.