The way I understand it, Spectre and Meltdown are similar but different ways to exploit speculative code execution to circumvent protected memory access.
To translate into Humanish, the basic issue is that modern processors are capable of saving time by not thinking "IF THEN ELSE" - they think "temporarily calculate both THEN and ELSE while waiting for result of IF, then throw away the unwanted result".
Problem is that because of this time saving measure, it's possible for one piece of code to reach beyond its permitted memory space and find the unwanted results produced by other pieces of code running at the same time.
So with cunningly applied timed loop handling, working at the memory address level, a piece of code can access data it shouldn't be able to see. It's more complicated, but that's the gist.
A Meltdown exploit is the easiest to program, and mitigation patches have already been released for most OSes (hence the debate about performance degradation).
A Spectre exploit is much harder to program (and executes slower), and current wisdom is that it has to be mitigated via firmware patching (they're very much still at the beta stage with that) if not ultimately hardware replacement.
The other thing is that Meltdown is one kind of attack which can be isolated and blocked, but it's theoretically possible to produce many different kinds of Spectre attacks.
Without wishing to be complacent, I'd say that most hackers aren't computer geniuses capable of coding right at the metal. Most malware involves a large chunk of "off the shelf" code with their nasty payload stapled onto it. But still, the game is on between bad guys and good guys.
All current processors are vulnerable to a greater or lesser degree. For now... courage et confiance, mon brave.
Last edited by Jason Lyon; 01-23-2018 at 08:01 PM.
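The "calculate both branches, throw away the unwanted one, but the cache remembers" mechanism the post describes, as an added example that is not part of the original post or anyone's real exploit code. It is a deterministic C model of the Spectre-style bounds-check bypass: the CPU, its one-entry branch predictor and its cache are simulated (struct `cpu`, `line_cached`, `predict_in_bounds`), the `secret` string and the flat `memory` layout are constructed sample data, and the real attack's `clflush` plus timed probe loop is replaced by flushing and reading the simulated cache bit directly, so it runs on any machine. It goes one step beyond the post by also showing a masked-index victim (`victim_masked`, modelled on the idea behind Linux's `array_index_nospec`) that keeps even the speculative load inside bounds; all function and variable names are invented for this model.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CACHE_LINES   256   /* one probe line per possible byte value     */
#define ARRAY1_SIZE   16    /* public, bounds-checked array               */
#define SECRET_OFFSET 64    /* where the secret sits, relative to array1  */

/* Flat model of memory: array1 at offset 0, the secret further along, so an
 * out-of-range index into array1 lands on the secret (as on real hardware,
 * where the attacker computes secret - array1). Constructed sample data. */
static uint8_t memory[128];
static const char secret[] = "The Magic Words are Squeamish Ossifrage";

static void model_init(void)
{
    static int done;
    if (done) return;
    for (int i = 0; i < ARRAY1_SIZE; i++) memory[i] = (uint8_t)(i + 1);
    memcpy(memory + SECRET_OFFSET, secret, sizeof secret);
    done = 1;
}

/* Microarchitectural state the attacker can influence or observe: which probe
 * lines are cached, and a one-entry predictor for the bounds-check branch. */
struct cpu {
    int line_cached[CACHE_LINES];
    int predict_in_bounds;
};

static void cpu_reset(struct cpu *c) { memset(c, 0, sizeof *c); }

/* Vulnerable victim: `if (idx < size) use(array1[idx])`. Architecturally it
 * never returns out-of-range data. The predict_in_bounds block stands in for
 * the work the core does before the compare has resolved. */
static uint8_t victim(struct cpu *c, ptrdiff_t idx)
{
    model_init();
    int in_bounds = idx >= 0 && idx < ARRAY1_SIZE;

    /* (the sizeof guard only keeps the model itself in bounds) */
    if (c->predict_in_bounds && idx >= 0 && idx < (ptrdiff_t)sizeof memory) {
        uint8_t spec = memory[idx];    /* dependent load, may hit `secret` */
        c->line_cached[spec] = 1;      /* cache side effect survives squash */
    }

    /* Compare resolves: the mispredicted result is discarded, the cache
     * line touched above is not rolled back. */
    c->predict_in_bounds = in_bounds;
    return in_bounds ? memory[idx] : 0;
}

/* Hardened victim: branch-free mask on the index, so even the speculative
 * load can only select a probe line from array1's own contents. */
static uint8_t victim_masked(struct cpu *c, ptrdiff_t idx)
{
    model_init();
    int in_bounds = idx >= 0 && idx < ARRAY1_SIZE;
    size_t safe = (size_t)idx & (ARRAY1_SIZE - 1);   /* power-of-two size */
    if (c->predict_in_bounds)
        c->line_cached[memory[safe]] = 1;            /* at most 1..16 */
    c->predict_in_bounds = in_bounds;
    return in_bounds ? memory[safe] : 0;
}

typedef uint8_t (*victim_fn)(struct cpu *, ptrdiff_t);

/* The attacker's steps: train the predictor, flush the probe lines, call with
 * an index that reaches the secret, then see which line is hot (the timed
 * loop in hardware; the model exposes the bit directly). */
static int recover_byte(struct cpu *c, victim_fn fn, size_t secret_idx)
{
    for (int i = 0; i < 8; i++)                     /* 1. train "in bounds" */
        (void)fn(c, i % ARRAY1_SIZE);
    memset(c->line_cached, 0, sizeof c->line_cached); /* 2. flush probes   */
    ptrdiff_t idx = SECRET_OFFSET + (ptrdiff_t)secret_idx;
    if (fn(c, idx) != 0)                            /* 3. arch. result is 0 */
        return -2;
    for (int v = 0; v < CACHE_LINES; v++)           /* 4. probe             */
        if (c->line_cached[v]) return v;
    return -1;
}

/* Recover the secret byte by byte; returns the number of bytes written. */
static size_t recover_secret(struct cpu *c, victim_fn fn, char *out, size_t n)
{
    size_t i;
    for (i = 0; i + 1 < n && i < sizeof secret - 1; i++) {
        int b = recover_byte(c, fn, i);
        if (b <= 0) break;
        out[i] = (char)b;
    }
    out[i] = '\0';
    return i;
}

int main(void)
{
    struct cpu c;
    char buf[64];
    cpu_reset(&c);
    recover_secret(&c, victim, buf, sizeof buf);
    printf("vulnerable victim leaks: \"%s\"\n", buf);
    cpu_reset(&c);
    size_t n = recover_secret(&c, victim_masked, buf, sizeof buf);
    printf("masked victim: %zu bytes probed, match secret: %s\n",
           n, strcmp(buf, secret) == 0 ? "yes" : "no");
    return 0;
}
```

The point to take from the model is the split the post is getting at: `victim` returns 0 for every out-of-range index, so no amount of looking at its return values reveals anything, yet `recover_secret` reads the whole string back through the cache. Against the masked variant the same attacker still sees a cached line, but it is always one of array1's own values, never a secret byte, which is why index masking (rather than a bounds check alone) is the usual software fix for this gadget shape.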