infographic: meltdown/spectre - adaptiva insights...part 1 meltdown/spectre can't crash...

1

Meltdown Cannot Run malicious code Crash computers Can Read “protected” in-memory data Processor Vulnerability Infographic: Meltdown/Spectre How they Work Who is Affected Caching/Speculative Execution Are you searching for ways to secure your enterprise against threats, like Meltdown and Spectre? Learn how to automate endpoint security configuration management with Client Health. Visit: https://adaptiva.com/products/ Copyright ©2018 Adaptiva. All rights reserved. Designed by Adaptiva Design Lab https://adaptiva.com https://adaptiva.com https://adaptiva.com Protected Memory Speculative Execution Faster Processing Less Security Exploits https://design.adaptiva.com Spectre Risk Grows by Size Every Major OS is Vulnerable Two-Part Solution Performance Hit The Good News Read memory contents during Speculative Execution Personal Machines OS Updates Company Servers Cloud Datacenter Chipmaker Microcode Updates (most cases) Early crashes/problems reported with OS fixes OS fixes may require app updates (e.g.- antivirus) Part 1 Meltdown/Spectre can't crash systems, but some fixes can. Part 2 Protected System Fix causes system slowdown Impact may be negligible Newer systems are less impacted Secure Meltdown/Spectre Before sensitive data is exposed Meltdown Only Spectre Only Apple/Mac OS

Upload: others

Post on 06-Jul-2020

9 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Infographic: Meltdown/Spectre - Adaptiva Insights...Part 1 Meltdown/Spectre can't crash systems, but some ﬁxes can. Part 2 Protected System Fix causes system slowdown Impact may

MeltdownCannotRun malicious codeCrash computers

CanRead “protected” in-memory data

Processor Vulnerability

Infographic: Meltdown/Spectre

How they Work

Who is A�ected

Caching/SpeculativeExecution

Are you searching for ways to secure your enterprise against threats, like Meltdown and Spectre? Learn how to automate endpoint security configuration management with Client Health. Visit: https://adaptiva.com/products/

Copyright ©2018 Adaptiva. All rights reserved.Designed by Adaptiva Design Lab

https://adaptiva.comhttps://adaptiva.comhttps://adaptiva.com

Protected Memory Speculative ExecutionFaster ProcessingLess Security

Exploits

https://design.adaptiva.com

Spectre

Risk Grows by Size

Every Major OS is Vulnerable

Two-Part Solution

Performance Hit

The Good News

Read memory contents during Speculative Execution

Personal Machines

OS Updates

Company Servers Cloud Datacenter

Chipmaker Microcode Updates (most cases)

Early crashes/problemsreported with OS fixes

OS fixes may require app updates (e.g.- antivirus)

Part 1

Meltdown/Spectre can't crash systems,

but some fixes can.

Part 2

Protected System

Fix causes system slowdownImpact may be negligible

Newer systems are less impacted

Secure Meltdown/SpectreBefore sensitive data is exposed

Meltdown Only

Spectre Only

Apple/Mac OS

Spectre Returns! Speculation Attacks using the Return ... · like Spectre variants, Meltdown does not rely on using misspeculation. Since an exception eventually will be raised, this

Spectre/Meltdown at eCG: Rebooting 80k cores · - Meltdown: melts security boundaries which are normally enforced by the hardware - Spectre: exploits speculative execution on modern

Clase01 Fabrica Adaptiva

Rendition Infosec Meltdown and Spectre Slides · Meltdown and Spectre - understanding and mitigating the threats (Part Deux) Jake Williams @MalwareJake SANS / Rendition Infosec sans.org

Meltdown and Spectre - How to Detect the Vulnerabilities and Exploits

Meltdown & Spectre - uni-wuerzburg.de · Michael Schwarz (Graz University of Technology) Who reported Spectre? Jann Horn (Google Project Zero) Paul Kocher in collaboration with Daniel

On the Meltdown & Spectre Design FlawsOn the Meltdown & Spectre Design Flaws Slides taken from Dr. Mark Hill With some small changes. Any errors introduced are my own

Spectre, Meltdown, and Linux€¦ · • Much better than Spectre/Meltdown • Process still needs to improve, Debian notified 48 hours before release. • More fixes came after announcement

The CPU Flaw: Spectre and Meltdown Exposedflagcomputerrepair.co.uk/wp-content/uploads/2018/01/Spectre-Meltd… · Spectre and Meltdown exposed: How you’ll be affected 03 . Imagine

The impact of Spectre and Meltdown - Instaclustr · 2018-02-06 · 2. Intro to Spectre and Meltdown 3. Intro to Spectre and Meltdown 4 • Three exploits • Target information leakage

Exploiting modern microarchitectures: Meltdown, Spectre ... · 3 Exploiting modern microarchitectures: Meltdown, Spectre, and other attacks Overview Today's lecture will cover the

Egalizarea adaptiva

Meltdown and Spectre - USENIX · 10 Meltdown and Spectre Architecture (cont.) • The lowest level targeted by a programmer or (more often) compiler • e.g. C code → assembly code

处理器 A 级漏洞 Meltdown(熔毁和Spectre(幽灵分析报告 · 处理器A 级漏洞Meltdown(熔毁)和Spectre(幽灵)分析报告 ©安天版权所有，欢迎无损转载

Exploiting modern microarchitectures: Meltdown, Spectre, and … · 2018-02-02 · 3 Exploiting modern microarchitectures: Meltdown, Spectre, and other attacks Overview Today's lecture

On the Meltdown & Spectre Design Flawsresearch.cs.wisc.edu/multifacet/papers/hill_mark_wisconsin...On the Meltdown & Spectre Design Flaws Mark D ... were broadly revealed to the public

How the Spectre and Meltdown Hacks Really Worked - IEEE ...€¦ · Spectre and its many variations added Advanced Micro Devices (AMD) processors to that list. In other words, nearly

Spectre/Meltdown & Session chair: Partha Ranganathan ... · Spectre/Meltdown & what it means for future design Plenary Keynote Session, Session chair: Partha Ranganathan, Google The

Meltdown & Spectre

Exploiting modern microarchitectures: Meltdown, …...7 Exploiting modern microarchitectures: Meltdown, Spectre, and other attacks Common concepts in modern architectures • Operating

Spectre, Meltdown, and Linux · Meltdown • Spectre variant “3” • Read kernel data from userspace. • Fixed with page table isolation kernel changes (Kaiser for older kernels)

Filtrare Adaptiva

CS356: Meltdown & Spectre · Spectre: The Risks of Speculative Execution 1. Locate or introduce a sequence of instructions within the process address space which, when executed, act

The spectre of hardware bugs – How to avoid the security ...people.redhat.com/jcm/talks/frOSCon_2018.pdf · 10 The spectre of hardware bugs | How to avoid the security meltdown

MELTDOWN AND SPECTRE - OWASP · Spectre • Harder to exploit than Meltdown. Yay! • Harder to mitigate, too. Ugh. • Can be patched without a performance hit, if the exploit is

1 Real time Detection of Spectre and Meltdown Attacks ...Meltdown attacks while retaining the performance beneﬁts of modern processors, in this paper, we present a real-time detection

Meltdown and Spectre - Rendition InfoSec · PDF fileMeltdown and Spectre - understanding and mitigating the threats Jake Williams @MalwareJake SANS / Rendition Infosec sans.org / rsec.us

Home - Energy and Commerce Committee · affecting the companies' products.l These vulnerabilities — dubbed "Meltdown" and "Spectre" — enable unauthorized access to information

Open Source Insight: Meltdown, Spectre Security Flaws “Impact Everything”

Spectre y Meltdown: dos ataques basados en microarquitecturainformatica.ucm.es/data/cont/media/www/pag-103596/transparencias/... · Reading privileged memory with a side-channel (Jann

On the Meltdown & Spectre Design Flaws · 2018-02-23 · On the Meltdown & Spectre Design Flaws Mark D. Hill Computer Sciences Dept. Univ. of Wisconsin-Madison February 2018 Computer

reglare adaptiva

Spectre & Meltdown · Grundlagen Technische Universität München L Bei Spectre und Meltdown handelt es sich auch um Seitenkanalangriffe. L Problem: L Prozessoren sind an ihrem physikalischen

Meltdown / Spectre - Red Hat€¦ · Patching Spectre Variant #1 – Bounds Check Violations Kernel Patch Variant #2 – Branch Predictor Kernel Patch & CPU Microcode Updates. Impact

Meltdown e Spectre - ime.usp.br