Menu

323: Intel is Melting Down Over Spectre

Home / Full Show / 323: Intel is Melting Down Over Spectre

Popsicle Melting Down

It turns out that PC processors have a bug. A bug called Meltdown, which allows hackers to get control of your PC and access all sorts of information. Intel, and others are melting down over this particular problem because it’s not an easy fix. You can patch it, but it will probably slow your computer down. We go into the story of what it is, how it was discovered, and how companies are melting down reacting to it. See below for the show notes and articles.

Audio MP3

Download #323: Intel is Melting Down Over Spectre
Subscribe to the Furlo Bros Tech Podcast ( iTunes  Google Play Music )
Watch #323: Intel is Melting Down Over Spectre on YouTube

Get the artisanal show notes sent directly to you each week

  • Get facts and opinions you can use to show you’re the tech expert.
  • Enjoy free and convenient listening while driving, doing chores and exercising.
  • Hear stories and factoids worth sharing while talking around the water cooler.

It’s totally free. Sign up

Become a Patron

This podcast is sponsored by listeners like you. Become a Fanboy starting at $1 per month. You can also be a Nerd, Junky or Maven; where each have their own level of reward. Learn More & Donate

Melting Down Show Notes

The Lowdown:

  • The exploit can work through javascript on a web browser
  • Worst case they can get kernel memory (including root passwords)
  • The worst case can be mitigated, but with a potentially severe hit to performance.
  • Affects all Intel CPUs for the last 15 years, and at least the next one
  • CERT says the fix is to get a new CPU
  • Spectre is the Vector, Meltdown is the specific attack
  • The code can be OS independent, which is terrifying.

 

How it works:

  • Out of order execution
    • Caches
    • Memory bottleneck
  • Speculative execution
  • Page Tables are the worst part of the kernel attack
  • Mitigating Meltdown will slow down programs that use the kernel a lot
    • Databases are examples of applications that are going to be heavily affected

 

How it came out:

  • Intel was told by Google Project Zero
  • Intel figured out who was affected
  • Intel coordinated with Apple, Microsoft the Linux foundation and others to find solutions, post patches and make the announcement
  • The Linux foundation started pushing out patches at the end of the year, mysteriously.
  • Before long the people had put all the pieces together
  • The Register broke the story arguing the story had already effectively broke, they were just formalizing it.

 

How to Keep A Secret From The Internet Russell Brandom, The Verge

There’s A Bad Bug Going Around Tom Warren, The Verge

Arstechnica Explains Meltdown Peter Bright, Arstechinca

Computerphile Explains Meltdown and Spectre Dr. Steve Bagley, Computerphile

Computerphile Explains How A CPU Works Dr. Steve Bagley, Computerphile

 

Photo by Uroš Jovičić on Unsplash