> you already addressed that, huh?

It was minator who did back then :-)

> what DOESN'T have branch prediction?

Confusingly, Spectre seems to be more complicated than that as I just read. For instance, both Cortex-A8 and Cortex-A53 are in-order and do branch prediction, but Cortex-A53 is not vulnerable according to Arm Holdings (as linked by polluks) whereas Cortex-A8 is. So it seems to depend on how the branch predictor works specifically.

There's a recent discussion: https://forum.level1techs.com/t/list-of-cpus-most-likely-immune-to-spectre/123128

And this:

"POWER9 is being patched and will not be vulnerable at ship, and there will be no performance loss versus current #POWER9 samples. Patches coming soon."
https://twitter.com/RaptorCompSys/status/949368929507520517
https://social.raptorengineering.io/notice/883

"only the DD2.2 silicon changes were needed. DD2.2 silicon is able to close off these security holes, with the exception of the Spectre same-process read vulnerability that affects the entire CPU industry, with only changes to firmware and a small kernel change."
https://social.raptorengineering.io/notice/887


Edit: As Eben Upton explains, there can be branch prediction without speculative execution. This is where I was confused, thinking the former would require the latter. It's the other way round: speculative execution can only happen after branch prediction has taken place. So as I wrote in my initial comment, vulnerable CPUs are those that do speculative execution. Branch prediction alone doesn't suffice.

[ Edited by Andreas_Wolf 21.03.2018 - 22:16 ]