Meltdown and Spectre .. for normal people
Meltdown and Spectre are security flaws that gained widespread media coverage in the first days of 2018. Most coverages of these flaws fall either into the category "Intel caused a terrible security bug, all hope is lost!" (AKA we are going to die!) or "By priming the BPU of the CPU a malicious process can read out of bounds memory via speculative code execution" (AKA white noise to most people). With these slides I fill the hole between we are going to die! and white noise.
Contrary to other security bugs these flaws are
- hardware, not software based
- the direct consequence of years of performance improvements
- extremely widespread because they affect (nearly all) computer systems, including mobile phones
How these slides are different
This is for "normal people". With these slides I fill the hole between we are going to die! and white noise. You, the reader, will understand what went wrong, how it went wrong, and why this is bad. I will try to minimise the computer specialists words to an absolute minimum. Promised!
- FrOSCon 2018 (recording)
- 18. Gulaschprogrammiernacht (CCC Karlsruhe) (recording)
- German Perl Workshop 2018