Spectre and Meltdown attacks explained understandably

I think this is the best YouTube video for this on the site.

WeightlessFlex

This is the most relaxed and best explanation of the topic I have found on the whole internet. You do not only make good examples, but you also slowly approach the topic with analogies and good visual representation. It is nearly perfect, the only thing worth improving is your microphone. Kudos to this. You should be a teacher.

dontanton

Why do people have to play music over talking, a most annoying thing to do.

wilfhoward

BY FAR, the best explanation of Spectre I've seen, and I've looked at a few. And very well produced too. Thank you. Please make more videos.

AzRon

One of the most visually delighing and comprehendible explanations. Please note 14:29 mins is the crux of the explanation where usgae of an instrument, side channnel timing attack, memory leakage and other concepts comverge

siddharthtaragi

Nice but the music is too loud. Thanks anyway.

Hands down the best example of spectre and meltdown. Subscribed immediately :)

vishalgupta

In your example, how can a process controlled by the attacker access the memory allocated to a victim? Each process gets its own virtual address space. However, it does make sense that an attacker process could access kernel memory through speculative execution, bypassing privilege checks, thus melting the boundary between kernel and user process memory, hence the name "meltdown". The example you gave is more representative of the Meltdown vulnerability than Spectre, and a good mitigation for the Meltdown vulnerability would be kernel page table isolation. Spectre is based on the attacker training the CPU's branch predictor to expect certain branches and the cache implementation.

achyuthvishwamithra

Recommended by our professor to understand what Spectre and Meltdown attack is. Well explained! Thank you! Subscribed for more content!

joyhumin

Probably the best video I’ve come across that explains how this functions for a non CS individual... thanks!

andrewo

The best explanation with good terminology. Presentation can benefit by removing the starting music.

haritadepalli

I've watched wayyy too many videos to understand this, this really helped!

thepromisedlan

Very well explained Professor. That was great. Both, explanation and attack technique

yuryeuceda

this is the best explanation video of these exploits I have ever seen.Thank you :) and can you make a video on zombieload side channel attack?

azr_sd

great video and clear explainatrion. But the person in charge of the 😒😭😭

mariafailli

This is a great explanation of how it works.

thefelix

Nice, first source I found which explained how the data was retrievable from cashe :). I learned something today.

vultoneo

Detailed and Clear, thanks for your explanation!

heroicH

it rolled back all the registers but did not roll back the cache accesses

PriyankaMondal-tgfx

I understand this might be just an example, but being regular string password "hunter2" is stored in memory sequentially and when CPU loads first symbol, following (let's say 64) will appear in CPU cache as part of the same cache-line, so why should CPU spend more time on the next symbol reading?

tigran