So Intels solution to its insecure memory stuff is to rely on software developers & fucking RAM manufacturers to fix it?
As previously noted, Rowhammer is a DRAM failure. In the past, bit upsets due to neighboring row accesses would have been a reason to fail DRAM at the factory, and when this was discovered the vulnerable products were not acting in accordance to their specifications. That people have moved to secondary mitigations or software is an indication that the DRAM products affected were too widespread to recall or that the reality going forward was that density would come at the price of discarding old standards of array reliability.
However, there are notable use cases for knowing the physical memory layout of data like IO, NVRAM (big reason why some key instructions exist), and high-performance code. Memory controllers and DRAM modules have limited ranges where they can provide sustained bandwidth and consistent latency based on the physical access patterns. As such, this is likely too important of a case for software to be denied knowledge of the physical address space. I think OS developers are trying to find ways of providing privilege levels for getting this information, which was something that could be queried or derived rather freely up until recently.
Besides, this is just one side channel. The cache hierarchies, TLBs, and page table layouts are perhaps further out from the memory reorder buffer, but they have well-documented and not-difficult channels for leaking physical address information. There's no likely change on the horizon for ripping out the x86 virtual memory architecture or changing all caches past the L1 to anything but physical addressing.
As far as counting on software with secret information to be modified to not have path selection based on hidden values, that's been standard cryptographic practice for decades. Secret values are not to be used by instructions or units whose behavior may change based on the contents, or the usage should be obfuscated by stalls or parallel make-work that creates external behavior that is indistinguishable. New side channels or missed exploits are usually reasons to change the code, since almost all execution outside of these limited exceptions considers this behavior to be unimportant, acceptable, or expected.
In that regard, certain attacks using physical address leaks would be worse on a system using AMD's recommended setup, since a subset of attacks are related to kernel address space mapping leaks fixed by the KAISER changes repurposed for Meltdown.
Why then were they unable to reproduce the vulnerability with ARM or AMD?
It can come down to specific implementation choices or the algorithm used.
There may also be northbridge or system-level mitigations for problematic patterns that might make such patterns more difficult to sustain, or might make leaking the physical mapping less impactful.
The AMD chip I saw listed was Bulldozer, whose specific OoO memory implementation was not really disclosed in years past. There could be corner cases that could correlate physical addresses that just differ from the subset of bits Intel used, or from my recollection discussion for Bulldozer's forwarding and disambiguation schemes were that they were more fragile or obscured by other architectural stalls and pitfalls. The weaker load/store pipeline and the unconventional write-through to a write-combining cache that spilled into an insufficient L2 could provide enough of a shadow to lose modest latency spikes versus a generally high-performance Intel scheme with an isolated set of longer mispredicts or a sub-optimal replay mechanism.
AMD's Zen has been tested to have a more robust speculation pipeline, although testing may be complicated by other forms of speculation that occur within the register file and renamer prior to getting out to the store queue. The store queue which would function using physical addresses and might have its own layer for speculation that could have a timing side channel.
The general case is that a subset of bits or a hash function using an unknown number of bits (likely >48 bits) is discussed, meaning there could be gaps that could be exploited to varying degrees if they were as well-known.
The ARM chip I saw listed was a Qualcomm version of the A73, which is just one ARM core of many. Of note, there is a different store to load forwarding mispredict exploit that AMD, Intel, ARM, and others do have exposure to in various products (variant 4) where measures for restricting speculation on store forwarding exist. Some ARM cores do have microcode changes to expose these methods, so they may have a somewhat different implementation for speculation.
Of the ARM vendors, I would be curious about Apple. For one thing, Apple's cores are significantly higher-performance, IOS products got Meltdown-related changes as well, and Apple and Intel ran into litigation surrounding the same memory disambiguation patent.