RISC-V was meant to fix everything: no black boxes, no vendor secrets, just clean, open hardware for a secure future. At least, that was the dream. Reality, however, looks messier. In this talk, we trace how openness meets microarchitectural chaos. Where even the simplest RISC-V cores stumble over side channels, denial-of-service bugs, and privilege escalations that feel straight out of the x86 playbook. Drawing on a decade of breaking CPUs (Spectre, Meltdown, and friends), we question whether RISC-V is truly the security fresh start it could have been, or just another chapter in the same cat-and-mouse story. Only this time, the mouse brought its own open-source trap. Along the way, we look at why CPU testing still lags far behind software testing, why “open” doesn’t mean “secure”, and what the future of trustworthy CPUs could look like.