Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Meltdown and Spectre in 10 mins

Avatar for Stephen Best Stephen Best
January 11, 2018
Technology
180
0

Meltdown and Spectre in 10 mins

A simplified explanation of how these attacks work along with some advice on staying safe.

Avatar for Stephen Best

Stephen Best

January 11, 2018

More Decks by Stephen Best

See All by Stephen Best
Practical dependency injection for Ruby
Avatar for Stephen Best bestie
1
130
Improve your (Ruby) code with dependency injection
Avatar for Stephen Best bestie
6
500
Tastebuds Radio - a rapidly developed Ember.js app
Avatar for Stephen Best bestie
2
650

Other Decks in Technology

See All in Technology
MIERUNE JCT 発表資料「宇宙から伊能忠敬ごっこ」
Avatar for じゃらしまる syuchimu
0
170
Platform Engineering as a Product: Criteria for Improvement and Multi-Tenant Design
Avatar for Kumo Ishikawa kumorn5s
0
490
BigQuery の Cross-cloud Lakehouse への歩み
Avatar for Tomonori Hayashi / ぴーはや phaya72
2
540
Databricks 月刊サービスアップデート 2026年05月号
Avatar for ちょし tyosi1212
0
200
Oracle AI Database@AWS:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
4
2.8k
新アーキテクチャ「TiDB X」解説とDedicated比較 TiDB Cloud Premiumのゲーム運用活用を検証
Avatar for altplus Inc. staffrecruiter
0
110
Cloud Run のアップデート 触ってみる&紹介
Avatar for Gre212 gre212
0
300
トークン数だけでは測れない — Claude Code 組織展開の効果検証から学んだこと
Avatar for Masaki Kubota makikub
0
120
AI-DLCを活用した高品質・安全なAI駆動開発実践 / AI Driven Development
Avatar for 吉田真吾 yoshidashingo
1
340
Gradle×GitHub_ActionsでCI時間を約50%短縮 ジョブ分割の設計と落とし穴 / Cutting CI Time by ~50% with Gradle and GitHub Actions: Job-Splitting Design and Pitfalls
Avatar for 冨澤宝斗 takatty
0
620
ポケモンの型をTypeScriptの型システムで表現してみた
Avatar for subroh_0508 subroh0508
0
290
サプライチェーンセキュリティの空白地帯 - 信頼できる”依存性”の未来を考える
Avatar for Hiroki Suezawa (@rung) rung
PRO
2
670

Featured

See All Featured
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
128
17k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.5k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
76
5.2k
Accessibility Awareness
Avatar for Sarah Abderemane sabderemane
1
130
svc-hook: hooking system calls on ARM64 by binary rewriting
Avatar for Akira Moroo retrage
2
280
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
Avatar for David Carrasco davidcarrasco
3
150
Lightning Talk: Beautiful Slides for Beginners
Avatar for Ines Montani inesmontani
PRO
2
570
Visualization
Avatar for Eitan Lees eitanlees
152
17k
The B2B funnel & how to create a winning content strategy
Avatar for Katarina Dahlin katarinadahlin
PRO
1
380
The Curious Case for Waylosing
Avatar for Cassini Nazir cassininazir
1
370
<Decoding/> the Language of Devs - We Love SEO 2024
Avatar for Nikki Halliwell nikkihalliwell
1
230
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
Avatar for Akihiro Kokubo akihiro_kokubo
PRO
71
40k

Transcript

  1. None

  2. @thebestie // Karnov Group 2018 Coolest thing ever to happen

    to CPU nerds Best logos associated with a crisis Affect pretty much everyone Worst computer vulnerabilities possibly ever

  3. @thebestie // Karnov Group 2018 Allows unprivileged programs to read

    the entire systems memory Meltdown ‘Melts’ existing memory isolation boundaries Virtual Machines are not safe! AWS, Google Cloud and Azure

  4. @thebestie // Karnov Group 2018 More limited in scope Spectre

    More complicated, tricky to do, difficult to prevent JavaScript proof of concept can read your entire browser’s memory

  5. @thebestie // Karnov Group 2018 Spectre Malicious JavaScript can steal

    all the information in my browser!

  6. @thebestie // Karnov Group 2018 What’s at risk? Spectre Your

    cookies and active sessions Entire Gmail inbox Social media accounts PayPal Banks

  7. @thebestie // Karnov Group 2018 Update your operating system What

    can I do? Update your browsers Turn on ‘Strict site isolation’ in Chrome Close some tabs and log out

  8. Cool story. @thebestie // Karnov Group 2018 How does it

    work?

  9. 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 do_something_with_value(y);

    @thebestie // Karnov Group 2018 This is slow, while the CPU waits it executes 2

  10. 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 do_something_with_value(y);

    @thebestie // Karnov Group 2018 This is illegal but the CPU doesn’t know it yet

  11. 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 do_something_with_value(y);

    @thebestie // Karnov Group 2018 This is where the magic happens

  12. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 This is an array I made earlier, I can read/write

  13. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 1 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 my_array[y] = 1; Looks like y was 7

  14. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 But that was illegal An exception was raised State is rolled back

  15. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 Something was left over . . . When iterating something strange happens

  16. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 Something was left over . . . When iterating something strange happens

  17. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 Something was left over . . . When iterating something strange happens

  18. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 The CPU has cached the value of 7 The data is returned much faster

  19. @thebestie // Karnov Group 2018 Repeat 1.048.576 times You now

    have 1 MB of data

  20. @thebestie // Karnov Group 2018