Meltdown and Spectre

Submission 8,553

About

Meltdown and Spectre are security vulnerabilities in 64-bit Intel central processing units (CPUs) which grant access to privileged system memory to unauthorized processes and allows cyber attacks to trick error-free programs into leaking sensitive data.

History

On January 2nd, The Register^[3] published an article about a "kernel-memory-leaking Intel processor design flaw," which would require a patch that could slow down processors by up to 30%. On January 3rd, 2018, the Project Zero^[2] team at Google announced the discovery of the Meltdown and Spectre exploits targeting processors created by Intel, AMD and ARM, which use "CPU data cache timing" to "leak information out of mis-speculated execution."

Online Reaction

That day, the website MeldownAttack^[1] was created, providing information on the Meltdown and Spectre processor exploits. Meanwhile, YouTuber Moritz Lipp uploaded footage of Meltdown exploit "dumping memory" (shown below). That day, the video gathered upwards of 117,000 views.

Meanwhile, Redditlor digital_desert uploaded submitted an animation of Meltdown "stealing passwords" to /r/netsec^[4] (shown below).

On January 4th, Redditor 2evil submitted a post accusing the Intel CEO of selling $24 million shares in the company prior to the announcement of the design flaw, along with a photoshopped Intel logo with the slogan "insider trading" (shown below). Within 11 hours, the post gained over 67,000 points (86% upvoted) and 2,700 comments on /r/funny.^[5]