Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Meltdown and Spectre in 10 mins

9b6423e15df69eef44d5d34189e128f3?s=47 Stephen Best
January 11, 2018
Technology
0
94

Meltdown and Spectre in 10 mins

A simplified explanation of how these attacks work along with some advice on staying safe.

9b6423e15df69eef44d5d34189e128f3?s=128

Stephen Best

January 11, 2018
Tweet

More Decks by Stephen Best

See All by Stephen Best
Practical dependency injection for Ruby
9b6423e15df69eef44d5d34189e128f3?s=48 bestie
1
57
Improve your (Ruby) code with dependency injection
9b6423e15df69eef44d5d34189e128f3?s=48 bestie
6
420
Tastebuds Radio - a rapidly developed Ember.js app
9b6423e15df69eef44d5d34189e128f3?s=48 bestie
2
420

Other Decks in Technology

See All in Technology
モブに早く慣れたい人のためのガイド / A Guide to Getting Started Quickly with Mob Programming
A97eee01397705443a72a48ce29d3e19?s=48 cybozuinsideout
PRO
2
1.8k
複数のスクラムチームをサポートするエンジニアリングマネジメントの話
4bddf664b03da8ad6b8d61660dcdc682?s=48 okeicalm
0
1.1k
220628 「Google AppSheet」タスク管理アプリをライブ作成 吉積情報伊藤さん
50bc42471d197d0dbef7171f2ef85bb6?s=48 comucal
PRO
0
220
UIKitのアップデート 
#WWDC22
9d1961575e45a8286cdde5f86dbba312?s=48 akatsuki174
4
330
Scrum Fest Osaka 2022 フルリモート下でのチームビルディング
478bd912a17b65fa0ab8c1d81912b9b1?s=48 moritamasami
2
1.2k
インフラのCI/CDはGitHub Actionsに任せた
F5c597c41d9bc6a80cce50adbd6c7bd9?s=48 mihyon
0
110
プログラマがオブジェクト指向しても幸せになれない理由
Bf7fe621f4fe1615c228ef8a79b87282?s=48 shirayanagiryuji
0
140
UWBを使ってみた
8b0e9a3684bd29ecece29db2582e38ae?s=48 norioikedo
0
420
DOM Invader - prototype pollution対応の衝撃 - / DOM Invader - prototype pollution
2c4ef0f20c4f05ca30e6c9917f0c17b6?s=48 okuken
0
150
OpsJAWS Meetup21 システム運用アンチパターンのすすめ
96c31fe94f5e9b0eef4a606eaadcbc04?s=48 yoshiiryo1
0
1.5k
Persistence in Serverless Applications - ServerlessDays NYC
Fd55de4174accaf3b4f030e43a8a70c6?s=48 marcduiker
0
240
Custom AppをIP制限ありのままで審査に通す方法
Df8bc8c531e2c5c89c1a007db1cf79a3?s=48 yusuga
0
680

Featured

See All Featured
How New CSS Is Changing Everything About Graphic Design on the Web
D83926c323d4f9289f947b4b4e76b939?s=48 jensimmons
213
11k
Designing for humans not robots
D36d2c1821af9249b69ff7f5ed60529b?s=48 tammielis
241
23k
Rails Girls Zürich Keynote
24fc194843a71f10949be18d5a692682?s=48 gr2m
86
12k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
95d9f37115fbb0d13135d0f77132f856?s=48 morganepeng
105
16k
Typedesign – Prime Four
A0517b08532aec8ab2aae3f65d40ad86?s=48 hannesfritz
34
1.4k
The Brand Is Dead. Long Live the Brand.
A415db3ac9e9668acbc1fb36eead84ac?s=48 mthomps
46
2.7k
Teambox: Starting and Learning
Aebc2d07a50011e2a30d38435fde564a?s=48 jrom
123
7.7k
Making the Leap to Tech Lead
32de0bd2ba869609d26fd052a4622778?s=48 cromwellryan
113
7.4k
From Idea to $5000 a Month in 5 Months
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
373
44k
Writing Fast Ruby
1f74b13f1e5c6c69cb5d7fbaabb1e2cb?s=48 sferik
612
57k
Building Flexible Design Systems
91cefdf141106fa10674aae74ce05890?s=48 yeseniaperezcruz
310
34k
Facilitating Awesome Meetings
245cee81a9c424266e5e401d844ea881?s=48 lara
29
4k

Transcript

  1. None

  2. @thebestie // Karnov Group 2018 Coolest thing ever to happen

    to CPU nerds Best logos associated with a crisis Affect pretty much everyone Worst computer vulnerabilities possibly ever

  3. @thebestie // Karnov Group 2018 Allows unprivileged programs to read

    the entire systems memory Meltdown ‘Melts’ existing memory isolation boundaries Virtual Machines are not safe! AWS, Google Cloud and Azure

  4. @thebestie // Karnov Group 2018 More limited in scope Spectre

    More complicated, tricky to do, difficult to prevent JavaScript proof of concept can read your entire browser’s memory

  5. @thebestie // Karnov Group 2018 Spectre Malicious JavaScript can steal

    all the information in my browser!

  6. @thebestie // Karnov Group 2018 What’s at risk? Spectre Your

    cookies and active sessions Entire Gmail inbox Social media accounts PayPal Banks

  7. @thebestie // Karnov Group 2018 Update your operating system What

    can I do? Update your browsers Turn on ‘Strict site isolation’ in Chrome Close some tabs and log out

  8. Cool story. @thebestie // Karnov Group 2018 How does it

    work?

  9. 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 do_something_with_value(y);

    @thebestie // Karnov Group 2018 This is slow, while the CPU waits it executes 2

  10. 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 do_something_with_value(y);

    @thebestie // Karnov Group 2018 This is illegal but the CPU doesn’t know it yet

  11. 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 do_something_with_value(y);

    @thebestie // Karnov Group 2018 This is where the magic happens

  12. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 This is an array I made earlier, I can read/write

  13. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 1 1 x = get_some_legal_data(); 2 y = get_some_illegal_data(); 3 my_array[y] = 1; Looks like y was 7

  14. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 But that was illegal An exception was raised State is rolled back

  15. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 Something was left over . . . When iterating something strange happens

  16. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 Something was left over . . . When iterating something strange happens

  17. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 Something was left over . . . When iterating something strange happens

  18. @thebestie // Karnov Group 2018 0 1 2 3 4

    5 6 7 9 10 The CPU has cached the value of 7 The data is returned much faster

  19. @thebestie // Karnov Group 2018 Repeat 1.048.576 times You now

    have 1 MB of data

  20. @thebestie // Karnov Group 2018