Explaining the Spectre and Meltdown Vulnerabilities

I have never seen a video on this issue explained so succinctly. Thank you

dumpsterdiverspcreclamation

No process can access memory address outside its memory space because each process has a page table in memory which contains both process space and kernel space. This process can not event access kernel space of its own page table. If it do so, operating system will generate an exception which will surely kill the process so how it is possible to read address of from other unprivileged memory space. If you are taking about reading from process own memory space then what is use of spectre?
one more thing memory privileged level are already define and user application has lowest privileged level so how it is possible ? Can you please explain it?

Microcontrollerslab

I was looking around different websites to understand the core concept of this vulnerabilities. But you made an awesome explanation! This video will make people to digger deeper to know more about this. Thank you

RaviKarthickSankar

The best videos that I have watched about those vulnerabilities so far .

hazemzamalkawy

1.15: why spectre is named as is: because of its association with speculative caching. technically: one of the best explanation as compared with the rest.

tthtlc

speculative execution is for branch prediction only. Not for other operations I think

Microcontrollerslab

I have an assignment about Spectre. Can you please recommend a research paper to read about how it works and possible solutions.

mahmoudreda

Great Video. What type of setup do you use to display writing on a board on the video? I am assuming that the image is flipped horizontally.

rayguthrie

Dude It was the best explanation. Your presentation made me understand such a complex thing in only 13 minutes. <3 OK now I can give a deep dive. Again, Hats Off

foysoljyoty

Awesome Video. Helped me so much! However, the question that I couldn't get answer for is (9.53): How does the processor access the protected memory out of order? Thank you for this video

vinamramunot

Basically both merhods are possible because of shortcuts that are designed into the cpus?

asireprimad

Spectre: Would be great to see that from a debugger because I don’t see how an attacker can first set the x value with an arbitrary value (which means already having access to the memory content of the process to spy on), second if a wrong value is set for x then y gives info about a location in Ram which should not be known so basically enable an attacker to read any ram address which is great ;) however there is limits: you can’t access all the ram range with the address range defined by the expression array2(array(x))

What is not explained is how the attacker read the y value / ram content

emmanuelpoirier

Why f5, are you like super down with setting your BIOS to defaults? Is tty5 your favorite? (Hmmm what else does f5 do)

abstractapproach

Thank you for sharing this information.
The one thing I don't see here is identification of the level of access the attacker needs to have to the F5 in order to successfully exploit these vulnerabilities. Most "users" of the F5 aren't going to have accounts on the F5 itself and aren't going to have access to tmsh, bash, or Configuration Utility.

johnweaver

Are the f5s vulnerable to this, would any upgrade help mitigate the problem or do we need a hardware overhaul ?

fortunetellerz

i wonder if the only computers that will glide through is the quantum computers?

sukorileakbatt

What role does the kernel has in these processor vulnerabilities?

desidaru

0:53 It's called Spectre cause it's exploiting the "speculative execution" "A ghost that can't be mitigated" lol.

alexanderbedrossian