“Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

Windows, Linux, and macOS have all received security patches that significantly alter how the operating systems handle virtual memory in order to protect against a hitherto undisclosed flaw. This is more than a little notable; it’s been clear that Microsoft and the Linux kernel developers have been informed of some non-public security issue and have been rushing to fix it. But nobody knew quite what the problem was, leading to lots of speculation and experimentation based on pre-releases of the patches.

Now we know what the flaw is. And it’s not great news, because there are in fact two related families of flaws with similar impact, and only one of them has any easy fix.

The flaws have been named Meltdown and Spectre. Meltdown was independently discovered by three groups—researchers from the Technical University of Graz in Austria, German security firm Cerberus Security, and Google’s Project Zero. Spectre was discovered independently by Project Zero and independent researcher Paul Kocher.

Read 14 remaining paragraphs | Comments


Author: dasuberworm

Standing just over 2 meters and hailing from о́стров Ратма́нова, Dasuberworm is a professional cryptologist, entrepreneur and cage fighter. When he's not breaking cyphers and punching people in the face, Das enjoys receiving ominous DHL packages at one of his many drop sites in SE Asia.

Share This Post On