arxiv 1801 01207 what is meltdown
play

arXiv:1801.01207 What is meltdown? Meltdown is a hardware exploit - PowerPoint PPT Presentation

Dec 10, 2022 •277 likes •369 views

arXiv:1801.01207 What is meltdown? Meltdown is a hardware exploit that allows unprivileged user to access system memory . Meltdown takes advantage of speculative execution , in particular its ability to meltdown security barrier

  1. arXiv:1801.01207

  2. What is meltdown? Meltdown is a hardware exploit that allows unprivileged user to access system memory . Meltdown takes advantage of “speculative execution” , in particular its ability to “meltdown” security barrier between user and system memory spaces on Intel processors.

  3. Why should I care? arXiv:1801.01207 I can read your saved password on Firefox or Chrome!

  4. How does meltdown work? Step 1: setup “covert channel” to monitor a “probe array”. cache hit Step 2: access system memory, raising a segmentation fault. segmentation fault speculative execution Step 3: use speculative execution to cache memory value. Step 4: use covert channel to read cached value.

  6. What to do? 1. Update your browsers! (e.g. Chrome, Firefox) 2. Update operating system – yes, that means Windows updates too 3. Wait for Intel’s microcode/firmware update - Intel’s current patch is buggy

  7. Performance Hit arXiv:1801.04329

  8. References: Google Project Zero broke the news Meltdown and Spectre is the official website Proof-of-principle code by paboldin

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SO(32) heterotic string theory Hajime Otsuka (Waseda U.) based on arXiv:1801.03684 [hep-th] JHEP

SO(32) heterotic string theory Hajime Otsuka (Waseda U.) based on arXiv:1801.03684 [hep-th] JHEP

Hypercharge flux in SO(32) heterotic string theory Hajime Otsuka (Waseda U.) based on arXiv:1801.03684 [hep-th] JHEP 05 (2018) 045 arXiv:1808.XXXXX [hep-th] (with K. Takemoto) PPP2018 @ YITP, Kyoto Why (super)string theory ? Quantum

673 views • 28 slides
Algorithms for the Separation of Orbit Closures of Matrices (arXiv:1801.02043) Harm Derksen

Algorithms for the Separation of Orbit Closures of Matrices (arXiv:1801.02043) Harm Derksen

Algorithms for the Separation of Orbit Closures of Matrices (arXiv:1801.02043) Harm Derksen (University of Michigan) joint work with Visu Makam (IAS) SIAM conference on Applied Algebraic Geometry July 12, 2019 Harm Derksen Algorithms for

639 views • 38 slides
Meltdown or "Holy Crap: How did we do this to ourselves" Abstract Meltdown

Meltdown or "Holy Crap: How did we do this to ourselves" Abstract Meltdown

Meltdown or "Holy Crap: How did we do this to ourselves" Abstract Meltdown exploits side effects of out-of-order execution to read arbitrary kernel- memory locations Breaks all security assumptions given by address space

159 views • 13 slides
Spectre and Meltdown Clifford Wolf q/Talk 2018-01-30 Spectre and Meltdown Spectre

Spectre and Meltdown Clifford Wolf q/Talk 2018-01-30 Spectre and Meltdown Spectre

Spectre and Meltdown Clifford Wolf q/Talk 2018-01-30 Spectre and Meltdown Spectre (CVE-2017-5753 and CVE-2017-5715) Is an architectural security bug that effects most modern processors with speculative execution It allows a program

441 views • 16 slides
Introductiontothelarge chargeexpansion Domenico Orlando Introduction Whos who S. Reffert

Introductiontothelarge chargeexpansion Domenico Orlando Introduction Whos who S. Reffert

INFN | Torino 17 June 2020 | SNS arXiv:1505.01537 , arXiv:1610.04495 , arXiv:1707.00711 , arXiv:1804.01535 , arXiv:1902.09542 , arXiv:1905.00026 , arXiv:1909.02571 , arXiv:1909.08642 , arXiv:2003.08396 , arXiv:2005.03021 and more to come

1.06k views • 89 slides
Spectre/Meltdown at eCG: Rebooting 80k cores Bruno Bompastor Adrian Joian Cloud Reliability Team

Spectre/Meltdown at eCG: Rebooting 80k cores Bruno Bompastor Adrian Joian Cloud Reliability Team

Spectre/Meltdown at eCG: Rebooting 80k cores Bruno Bompastor Adrian Joian Cloud Reliability Team 2018 10 Brands In Multiple Countries NL/DE Datacenters Spectre/Meltdown - Meltdown: melts security boundaries which are normally enforced by

305 views • 26 slides
Introductiontothelarge chargeexpansion Domenico Orlando Introduction Whos who S. Reffert

Introductiontothelarge chargeexpansion Domenico Orlando Introduction Whos who S. Reffert

INFN | Torino 15 September 2020 | Crete Center for Theoretical Physics arXiv:1505.01537 , arXiv:1610.04495 , arXiv:1707.00711 , arXiv:1804.01535 , arXiv:1902.09542 , arXiv:1905.00026 , arXiv:1909.02571 , arXiv:1909.08642 , arXiv:2003.08396 ,

1.75k views • 142 slides
Alargecharge torulestrongcoupling Domenico Orlando Introduction Whos who S. Reffert (AEC

Alargecharge torulestrongcoupling Domenico Orlando Introduction Whos who S. Reffert (AEC

INFN | Torino 8 Oct 2019 | Bridging perturbative and nonperturbative physics arXiv:1505.01537 , arXiv:1610.04495 , arXiv:1707.00711 , arXiv:1804.01535 , arXiv:1902.09542 , arXiv:1905.00026 , arXiv:1909.02571 , arXiv:1909.08642 and more to come

1.02k views • 62 slides
Meltdown Overview of a security vulnerability Stefano Ottolenghi @ Binary Analysis and Secure

Meltdown Overview of a security vulnerability Stefano Ottolenghi @ Binary Analysis and Secure

Meltdown Overview of a security vulnerability Stefano Ottolenghi @ Binary Analysis and Secure Coding Universit degli Studi di Genova December 3rd, 2018 Overview Meltdown breaks memory isolation and allows a process to read the entire

335 views • 18 slides
Meltdown Overview of a security vulnerability Stefano Ottolenghi @ Binary Analysis and Secure

Meltdown Overview of a security vulnerability Stefano Ottolenghi @ Binary Analysis and Secure

Meltdown Overview of a security vulnerability Stefano Ottolenghi @ Binary Analysis and Secure Coding Universit degli Studi di Genova December 3rd, 2018 Overview Meltdown breaks memory isolation and allows a process to read the entire

526 views • 25 slides
Bipartitions from Algebras of Observables arXiv:1909.12851 w/ Oleg Kabernik (UBC) and Ashmeet

Bipartitions from Algebras of Observables arXiv:1909.12851 w/ Oleg Kabernik (UBC) and Ashmeet

Quantum State Reduction: Generalized Bipartitions from Algebras of Observables arXiv:1909.12851 w/ Oleg Kabernik (UBC) and Ashmeet Singh (Caltech) Jason Pollack jpollack@phas.ubc.ca Theory Group Seminar Prior Work: UT Austin 1801.09770 (OK)

979 views • 61 slides
CPU Side-Channel Attacks the Meltdown Attack Heechul Yun 1 This Week: Hardware Security

CPU Side-Channel Attacks the Meltdown Attack Heechul Yun 1 This Week: Hardware Security

CPU Side-Channel Attacks the Meltdown Attack Heechul Yun 1 This Week: Hardware Security Introduction Meltdown Papers Spectre Attacks: Exploiting Speculative Execution, IEEE Security and Privacy (S&P), 2019 (Dustin)

726 views • 44 slides
Meltdown & Spectre Attacks Overview An analogy CPU cache and use it as side channel

Meltdown & Spectre Attacks Overview An analogy CPU cache and use it as side channel

Meltdown & Spectre Attacks Overview An analogy CPU cache and use it as side channel Meltdown attack Spectre attack Microsoft Interview Question Stealing A Secret Secret: 7 Guard with Memory Eraser Restricted Room CPU

732 views • 30 slides
SWANBOURNE HISTORY GROUP INTERPRETATION OF THE SWANBOURNE CENSUSES 1801 TO 1911 (c) LJRodgers

SWANBOURNE HISTORY GROUP INTERPRETATION OF THE SWANBOURNE CENSUSES 1801 TO 1911 (c) LJRodgers

SWANBOURNE HISTORY GROUP INTERPRETATION OF THE SWANBOURNE CENSUSES 1801 TO 1911 (c) LJRodgers 23.11.12 What is a Census? Definition from the Office of National Statistics: Every ten years since 1801 the nation has set aside one day for

987 views • 21 slides
arXiv:1801.00084v1 [hep-ex] 30 Dec 2017 measurement will accumulate 21 times the BNL statistics

arXiv:1801.00084v1 [hep-ex] 30 Dec 2017 measurement will accumulate 21 times the BNL statistics

THE MUON g - 2 EXPERIMENT AT FERMILAB Wesley Gohn a for the Muon g -2 Collaboration University of Kentucky, Lexington, KY, USA Abstract. A new measurement of the anomalous magnetic moment of the muon, a ( g 2) / 2, will be performed at

153 views • 4 slides
Michael Duff Imperial College London based on [arXiv:1301.4176 arXiv:1309.0546 arXiv:1312.6523

Michael Duff Imperial College London based on [arXiv:1301.4176 arXiv:1309.0546 arXiv:1312.6523

Twin supergravities from ( Yang - Mills ) 2 Michael Duff Imperial College London based on [arXiv:1301.4176 arXiv:1309.0546 arXiv:1312.6523 arXiv:1402.4649 arXiv:1408.4434 arXiv:1602.08267 arXiv:1610.07192 A. Anastasiou, L. Borsten, M. J.

534 views • 31 slides
1.3. MINOS KERNEL 79 System Startup OS Initializer (we!) RPI (2) VC / firmware Initialize

1.3. MINOS KERNEL 79 System Startup OS Initializer (we!) RPI (2) VC / firmware Initialize

1.3. MINOS KERNEL 79 System Startup OS Initializer (we!) RPI (2) VC / firmware Initialize hardware Set stack registers for all processor modes Copy boot image to RAM Setup free heap list and module list Jump to OS boot image

286 views • 28 slides
CS149: Elements of Computer Science Data representation 0=low, 1=high 1. Format (b) More

CS149: Elements of Computer Science Data representation 0=low, 1=high 1. Format (b) More

CS149: Elements of Computer Science Data representation 0=low, 1=high 1. Format (b) More intermediate levels = higher (a) Computers use binary system to error rate represent information (c) Rationale is underlying (b) Bit = binary digit, or

1.12k views • 54 slides
Outline Second Order Derivatives with ADTAGEO ADTAGEO Gradient-Mode 1 Algorithmic Differentiation

Outline Second Order Derivatives with ADTAGEO ADTAGEO Gradient-Mode 1 Algorithmic Differentiation

Outline Second Order Derivatives with ADTAGEO ADTAGEO Gradient-Mode 1 Algorithmic Differentiation Through Automatic Graph Elimination Ordering ADTAGEO at a glance 2 Implementation 3 Andreas Griewank Jan Riehme Institute for Applied

472 views • 10 slides
Working with CAIDAs (and other) DATA, Bottlenecks and Affordability a study in Tamil Nadu

Working with CAIDAs (and other) DATA, Bottlenecks and Affordability a study in Tamil Nadu

The 8th Workshop on Internet Economics CAIDA and the Massachusetts Institute of Technology (MIT) University of California San Diego 13-14 December 2017 Working with CAIDAs (and other) DATA, Bottlenecks and Affordability a study in Tamil

275 views • 15 slides
Speculative Taint Tracking Lindsey McAllister 6.888 Fall 2020 Whats the Point? A system that

Speculative Taint Tracking Lindsey McAllister 6.888 Fall 2020 Whats the Point? A system that

Speculative Taint Tracking Lindsey McAllister 6.888 Fall 2020 Whats the Point? A system that efficiently protects against transient side-channel attacks by executing and selectively forwarding an instruction if it cannot forward a covert

411 views • 21 slides
Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Hardware Security Trent Jaeger

703 views • 46 slides
Meltdown an and Sp Spectre vu vuln lnerabili litie ies th the ch chall llenge is is up!

Meltdown an and Sp Spectre vu vuln lnerabili litie ies th the ch chall llenge is is up!

2/21/2018 Meltdown an and Sp Spectre vu vuln lnerabili litie ies th the ch chall llenge is is up! Jos van Eijndhoven Synopsys {040CODERS.nl} Meetup 20180215 Jos van Eijndhoven Profession: IC design tools, Hobby: Processor design

545 views • 15 slides
SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security

SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security

SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security Sanjeev Das , Jan Werner, Manos Antonakakis, Michalis Polychronakis, and Fabian Monrose SoK: The Challenges, Pitfalls, and Perils of Using Hardware

529 views • 28 slides

More recommend