You may have heard about the discovery of a major security hole affecting most recent Intel microprocessors which allows a process running on a computer to exploit a side-channel attack to read privileged information from the operating system or other processes on the same machine. Here is the technical paper describing this exploit. Those who discovered it reported it to the major CPU manufacturers (Intel, AMD, and ARM) on 2017-06-01, but it was kept secret to allow time for mitigation to be put into place.

This is one of the most serious hardware problems to have been discovered in mass-produced microprocessors since the notorious Intel Pentium floating point divide bug in 1994. It is difficult to exploit this bug, but it defeats the security of systems running on these processors at a fundamental level and is costly to mitigate in software, with a performance hit of up to 30% for programs which make a large number of system calls. The bug is due to interaction between memory protection, the processor’s cache, and a performance tweak called “speculative execution”, in which, when encountering a conditional branch, the CPU goes both ways and then discards the path not taken after it completes evaluation of the conditional upon which the branch depends.

Unless you’re deeply marinated in CPU architecture, all of this may sound like gibberish, but if you’re using a computer with an Intel microprocessor, it affects you. Fortunately, Master Explainer Scott Manley has recorded this excellent twelve minute video (above) which provides a gentle introduction to the bug and its consequences.