GPN18:Meltdown and Spectre for normal people: Unterschied zwischen den Versionen

aus dem Wiki des Entropia e.V., CCC Karlsruhe
Keine Bearbeitungszusammenfassung
Keine Bearbeitungszusammenfassung
 
Zeile 1: Zeile 1:


Ein Vortrag von Jens auf der [[GPN18]].
Ein Vortrag von Jens Neuhalfen auf der [[GPN18]].


Meltdown and Spectre are security flaws that gained widespread media coverage in the first days of 2018. Contrary to other security bugs these flaws are
Meltdown and Spectre are security flaws that gained widespread media coverage in the first days of 2018. Contrary to other security bugs these flaws are

Aktuelle Version vom 12. Mai 2018, 13:31 Uhr

Ein Vortrag von Jens Neuhalfen auf der GPN18.

Meltdown and Spectre are security flaws that gained widespread media coverage in the first days of 2018. Contrary to other security bugs these flaws are

  • hardware, not software based
  • the direct consequence of years of performance improvements
  • extremely widespread because they affect (nearly all) computer systems, including mobile phones
  • difficult to patch

This talk fills the gap between _"Intel caused a terrible security bug. Everybody panic!"_ and _"By priming the BPU of the CPU a malicious process can read out of bounds memory via speculative code execution"_.

  • This talk comes with a side order on "Understanding CPU architecture" and "Managing security vulnerabilities".*

Links