GPN18:Meltdown and Spectre for normal people

aus dem Wiki des Entropia e.V., CCC Karlsruhe

Ein Vortrag von Jens Neuhalfen auf der GPN18.

Meltdown and Spectre are security flaws that gained widespread media coverage in the first days of 2018. Contrary to other security bugs these flaws are

  • hardware, not software based
  • the direct consequence of years of performance improvements
  • extremely widespread because they affect (nearly all) computer systems, including mobile phones
  • difficult to patch

This talk fills the gap between _"Intel caused a terrible security bug. Everybody panic!"_ and _"By priming the BPU of the CPU a malicious process can read out of bounds memory via speculative code execution"_.

  • This talk comes with a side order on "Understanding CPU architecture" and "Managing security vulnerabilities".*

Links