Name: Spectre and Meltdown attacks explained understandably
Uploaded: 2018-01-07T16:38:45.000Z
Duration: 16 min 19 s
Description: Thousands of YouTube videos with English-Chinese subtitles! Now you can learn to understand native speakers, expand your vocabulary, and improve your pronunciation...

Adverbs of degree

So imagine if JavaScript could just read anything
on your computer.

The second conditional

If some tab on your browser just had access
to reading all your passwords or knowing what

By a computer I of course mean any kind of
computing device, like your smartphone.

What would be particularly worrying is if
this were to happen without exploiting any

software vulnerabilities
or without fooling you to do so.

That's actually the state of affairs right
now.

We are currently seeing a series of attacks
called Spectre and Meltdown, in what I'm going

I'm want to explain the core of these vulnerabilities
to a wider audience.

I'm going to skim a lot of the technical details.

So we're not going to go into some of the
necessary technical details that make exploitation

But I just wanted to give you the idea of
what these vulnerabilities are doing.

My name is Ymir Vigfusson and I'm Assistant
Professor of Computer Science at Emory University.

Before we get started, I just wanted to give
credit where credit is due.

These vulnerabilities were found by actually
concurrently separate teams, who have done

fine work on writing up the details, and I
encourage you to look at it.

So let me introduce the three ingredients
that are we are going to need to understand

The first one is to understand how memory
works.

The second one is to understand "speculative
execution" in your CPU.

And the third one is something called "side-channel
attacks".

Naturally, Spectre and Meltdown are at the
convergence of these new kinds of attacks

that are becoming particularly worrying as,
well as hardware errors that are also worrying.

So it's in the intersection of something that
we need to be looking out for in the coming

Let's take it at a really high level, simplified
view of your computer.

A computer is really a bunch of different
components that are strung together.

These components include things for input/output,
like your monitor, and your keyboard, your

And then there is a CPU in the middle that
does all the processing.

And finally, there is memory, and I'm counting
hard disks or SSDs as being part of your memory.

Really what happens when you are doing something
on your computer is that you're going to load

a program from a disk, and it's going to be
executed by the CPU.

Your CPU is going to do a bunch of computations,
and those computations involve memory, so

And finally it may produce some output and
that output may end up on your monitor, on

That's basically what execution on a modern
computer looks like.

Inside your memory you actually have contents
of all the different kinds of programs that

This could be programs you're running; it
could be data pertaining to the operating

system that you're running, like Linux, Windows
or MacOS, and so forth.

Memory is an amalgam of all these different
types of things that could be used, as well

as storing intermediate computations for the
CPU.

Let's look at memory a little bit more in
detail.

There is a lot to a memory hierarchy inside
a computer.

If we think about memory, it's actually very
helpful to just visualize it as a long sequence

Each box contains one bit, or one byte of
information in our case.

There are actually several layers of memory.

What I've drawn here is something called DRAM,
which is actually very big but veeery sloooow

If the CPU wants wants to retrieve some data
from it, it has to wait for a while.

So what we have are actually several other
layers called cache memory.

So let me draw cache memory here in front.

Suppose I wanted to open one of these boxes.

My request -- it's fast memory over here -- that
this particular orange box over here be opened.

Whereas if I try to open up a different box,
if I open up this one, I can actually first

And that has an exact copy of what I need.

Now, the way cache memory is maintained is
that when you retrieve something, you often

take a copy and put it into the cache memory
so that the next time you might need it, you have

But cache memory is small, and tends to be
pretty expensive.

This is actually the subject of much of my
research.

Now.. let me illustrate it with an example.

Suppose that you are asking a computer to
authenticate, and there is a particular password

This has actually happened on several routers.

This is something known as a "timing attack".

This is a kind of a side-channel attack, but
I think it illustrates the point.

Suppose the password is, randomly, "hunter2".

Now, what you might do is to start guessing.

You say, like, "Well, is the password 'a'
?"

And the computer has to run around and check
if it matches.

Looks at the first character of the password,
and sees that it's 'h'.

Of course, there are exponentially many possibilities
here, and you'd be out of luck.

But in this particular case, as you keep guessing.