Glider from the game of Life, rising from the left

Unity

Archives

Blogroll

Topic: #meltdown

Mitigations Have Consequences

2018-01-18⊺07:43:00-06:00

Early attempts to patch operating systems and processor microcode in order to block Meltdown attacks and impede some known instances of the Spectre strategy have had adverse results (beyond slower performance, which was anticipated): incompatibility with some third-party anti-virus utilities, driver crashes, bricking of some AMD systems, and processor crashes on Intel systems that still use the Haswell and Broadwell designs.

Meanwhile, researchers are making progress in turning the proof-of-concept implementations described in the original papers on Meltdown and Spectre into practical attacks.

“Spectre and Meltdown Patches Causing Trouble As Realistic Attacks Get Closer”
Peter Bright, Ars Technica, January 15, 2018
https://arstechnica.com/gadgets/2018/01/spectre-and-meltdown-patches-causing-trouble-as-realistic-attacks-get-closer/

This is all a mess. Some companies, such as cloud service providers, have no real option but to install all the updates, including the microcode updates, because their vulnerability is so great; their business is running untrusted third-party code. For the rest of us, there is urgency, but that needs to be balanced against reliability.

That urgency is growing each day, however, particularly when it comes to the Meltdown attack.

#meltdown #spectre #mitigation

Hashtag index

This work is licensed under a Creative Commons Attribution-ShareAlike License.

Atom feed

John David Stone (havgl@unity.homelinux.net)

created June 1, 2014 · last revised December 10, 2018