Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)

Walt Mankowski on 7 Jan 2018 08:34:29 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)

From: Walt Mankowski <waltman@pobox.com>
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
Date: Sun, 7 Jan 2018 11:34:20 -0500
Dkim-signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date:from:to :subject:message-id:references:mime-version:content-type :in-reply-to; s=sasl; bh=XBi6TozJr/sp3UD2dKM1RsXc5aI=; b=EtKi6sW 19DsgFOw/7nyoTzPtI7Nz4Gu/RzH3R74lbVJn2o8x6VzEfvY8Gu7erNCB+As6kE+ 9rdr3V4VXMYmVtAh9B/xW8+w38Xe2NwQgzbyZQcu4CUrcWqw3hSiWhIdy5paGdzk 2rUHF2Nuc6OkF43KQK1zyn3ivNEe9hsT/uI0=
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
User-agent: NeoMutt/20170609 (1.8.3)

On Sun, Jan 07, 2018 at 11:09:15AM -0500, Aaron Mulder wrote:
> On Sun, Jan 7, 2018 at 9:40 AM, Paul Walker <pjwalker76@gmail.com> wrote:
> > I have a question: Is this vulnerability the unforeseen outcome of a
> > particular design choice, or is it a particularly nasty example of "code and
> > fix"?

> So one of the issues goes sort of like this:
> * CPU can't tell what sequence of operations is coming next, but it
> has some free time, so it takes a best guess
> * CPU charges ahead with operations based on that guess, at least
> doing something potentially useful in its free time
> * CPU later discovers its guess was wrong, and discards all the work it did

In other words, it's the former. CPUs have been doing these sorts of
optimizations for a long time, and they finally figured out ways to
exploit them.

Walt

Attachment: signature.asc
Description: PGP signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
  - From: Paul Walker <pjwalker76@gmail.com>

References:
- [PLUG] It's the final meltdown!! (Security vulnerabilies)
  - From: Will <staticphantom@gmail.com>
- Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
  - From: John Von Essen <john@quonix.net>
- Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
  - From: Rich Kulawiec <rsk@gsp.org>
- Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
  - From: Ronald Guilmet <ronpguilmet@gmail.com>
- Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
  - From: Paul Walker <pjwalker76@gmail.com>
- Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
  - From: Aaron Mulder <ammulder@alumni.princeton.edu>

Prev by Date: Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
Next by Date: Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
Previous by thread: Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
Next by thread: Re: [PLUG] It's the final meltdown!! (Security vulnerabilies)
Index(es):
- Date
- Thread