For instance, if the program says, "If A is true, compute function X if A is false, compute function Y", the chip can start computing both functions X and Y in parallel, before it even knows whether A is true or false. If the chip knows that a program involves multiple logical branches, it will start working out the math for all of those branches before the program even has to decide between them. Speculative execution essentially involves a chip attempting to predict the future in order to work faster. Technically, there are three variations on the vulnerability, each given its own CVE number two of those variants are grouped together as Spectre and the third is dubbed Meltdown.Īll of the variants of this underlying vulnerability involve a malicious program gaining access to data that it shouldn't have the right to see, and do so by exploiting two important techniques used to speed up computer chips, called speculative execution and caching. Security researchers discovered the flaws late in 2017 and publicized them in early 2018. Spectre and Meltdown are the names given to different variants of the same fundamental underlying vulnerability that affects nearly every computer chip manufactured in the last 20 years and could, if exploited, allow attackers to get access to data previously considered completely protected. There is as of yet no evidence that these flaws have been exploited in the wild, but such exploits would be difficult to detect, and the flaws are so fundamental and widespread that security researchers are calling them catastrophic. The flaws arise from features built into chips that help them run faster, and while software patches are available, they may have impacts on system performance. In the first days of 2018, published research revealed that nearly every computer chip manufactured in the last 20 years contains fundamental security flaws, with specific variations on those flaws being dubbed Spectre and Meltdown.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |