The Spectre Meltdown of the world #1

In school the other day. While programming a chat I heard two co-students talk about an Intel cpu bug just discovered. I'm taking the course Computer Systems, and this Intel bug directly relates to that course. So I have done some investigation. Here you go.

The meltdown / Spectre

So what is this about. I found this article on The Register to get one started. Then I found this rather technical (and therefore top interesting) article on Google Project Zero. And lastly I found this article on PcWorld which sort of puts i all together.

The vulnerabilit/bug seems to happen because of speculative instruction execution of the cpu. To execute bits of an application faster the cpu tries to predict what will happen after an instruction. If this prediction is not fullfilled, the speculation is simply discarded. But smart people have found a way to catch these speculations in the cache even after they are discarded which means that data that should not be available to users of the system, might become so.

To those tech savy, but not read savy, here's a pretty good youtube:

The questions now ofcourse are these two:

• What do we do to prevent
• Who is to blame?

The thing is that the problem isn't so much a bug that it is a solution to another problem: to obtain as fast execution as possible. The big OS-names (Linux,Windows and OSx) have rolled different kind of fixes, but these comes with performance penalties. CPUs have done these kind of speculative executions for about 20 years, so it affects everybody not running Windows 3.11 on their 486. The long term solution is to rethink the way CPUs are constructed. But CPU is a quite complicated thing build in an heavily optimized and refined way. And it doesn't seem to be a solution to start over.

For detailed and compiled info, go to the SpectreMeltdown-Website. I'll be back.