[Simh] Fwd: VAX + Spectre
Paul Koning
paulkoning at comcast.net
Tue Sep 17 13:48:12 CDT 2019
> On Sep 17, 2019, at 2:35 PM, allison via cctalk <cctalk at classiccmp.org> wrote:
>
>>> ...
>
> I see this as a question of the number of angels that can dance on the
> point of a pin. But could GCC compile code that has system access to
> do nasties is a more complex question. Then again how does it get
> system prives to start with?
The issue with Spectre (and Meltdown, on the small set of architectures where that applies) is that it discloses supposedly protected data to unprivileged processes. It isn't a case of playing games starting from system privs; it's a case of learning secret data (perhaps passwords from freed buffers) that were intended to be invisible to your process.
I'd recommend the full academic paper on these attacks by Kocher et al. to anyone with a serious interest in processor architectures -- which fits much of the membership of these lists. Even if you don't work with machines that have this issue, or now that it has been fixed in places where it does apply, it still is a marvelous piece of work and understanding how it works is a great learning exercise.
I could easily imagine a computer science exam question "Describe in one paragraph the specific design error that enabled the Meltdown attack".
paul
More information about the cctalk
mailing list