Why are Spectre and Meltdown So Dangerous?

Why do vulnerabilities always get such cool names?

Wow, someone finally actually explained what the fucking bugs do. Thank you. I was getting tired of people just saying "Oh it's bad" and not actually caring about what it really does

It's a good thing my bank account is always empty

This was probably the best Techquickie video. I actually learned something instead of just getting a lot superficial knowledge

You didn't give enough ram to chrome, ffs Linus!

One important thing that was not mentioned: Meltdown (Intel specific) allows a program to read memory from anywhere on the CPU, included protected system memory. The 2 main spectre vulnerabilities can only read from the currently executing program or another program running in userspace (not system).

As I expected Modern Technology is dangerous, nothing beats my old but realiable Abacus

*4:26** the barking cpu, I'm dead.* 😂

i aint afraid of no ghost

So, the CPUs are like:
"Your next line will be..."

This is one of the best readers digest explanations of the Spectre and Meltdown exploits I've seen so far. Bravo, Linus and the Techquickie team!

As a guy who just had a subject dedicated to building processors from scratch, all of these terms seem very familiar to me, and I loved how well described the problems are in this video, just as always, Techquickie delivers!

The whole schematic to explain the vulnerabilities is very well put together. Nice work!

Checked my steam like 10 times whilst watching this video

Hands down, this was pretty amazing. Great job, Linus.

One consolation about Spectre & Meltdown. We've been hearing (a lot) about these vulns that will end life as we know it, but so far, (as far as I know), there has not been a single malicious example used in the wild, anywhere, any time, by anyone against anyone. The Y2K bug was lot more real and present and easy to demonstrate...
I'm not saying they can't be used in the wild, but we've heard a hell of a lot about them, but after 4 or 5 months, there's still not been a single case of anyone catching gonorrhoea off a toilet seat.

Lol, my name really is Jeff and I live in N.Y. I own an i7 4770k though, not an i5 4670k.😋

Could you talk about the Cambridge analytica scandal?

Spectre is incredibly impractical to exploit. It can really only be used effectively against task-specific machines since the standard home user machine has so much junk data. This supposedly makes it a very useful exploit to steal hashing addresses and wipe out crypto wallets though. Enterprise servers that process payments are ripe targets as well.

6:01 Speaking of plugging holes.....buttplu.....ahem....tunnel bear!! Wanna plug the holes where your ISP can peek at your data? Use a vpn to plug your data holes.
LMAO!

My comp is protected by Drax! His reflexes are so fast nothing would go over his head!

"Why are Spectre and Meltdown so dangerous?"
Mindustry players: indeed they are

I was watching this on my newly bought Sceptre monitor and freaking out until I realized it's just an anagram.

"Knock knock!"
*Branch prediction*
"Who's there?"

The power of christ compels you - spectre the ghost flys out of pc -

Wasn't quite sure of the scope, whether it meant fishing with half a chance, or if it could target particular data.
One thing that seems clear, the two vulnerabilities will not help to gain access initially, but could be used by malware that has already entered, or by a malicious user on a shared system

At 4:22, “This guy really likes x+y” LOL! And the barking CPU

Thank you for developing meltdown and spectre, NSA

Good job, can't imagine how hard this was to make, simplifying and compressing technical information like this is truly impressive. Give my regards to the script writer.

You say I'll notice when my bank account is empty, but that's my secret. My bank account is *always* empty.

Those noises from the viruses are enough to give me nightmares and make me not download anything off the web again...

Great explanation!

Watching this after taran said he gave the malwares their own "personalities"...great touch :)

photoshop using less ram than chrome? 🤣

Both of these require a persistent threat that has already defeated any security features (AV, IDS, IPS) installed. So the threat is there...but if an attacker has already compromised your device or network....Spectre and Meltdown will be the hard way to get what they already have access to.

4:21 Who else checked Steam??

A smartphone trick is to close down all your programes already assigned ram by hitting the square on the left bottom of most devices and hitting the x on the right top of the pages that come up looking like open apps. It is often called closing your recnt apps but I wanted to wxplain it in a way a newbie should be able to understand.

Welp, time to bust out the old 486!

Actual question here: how do specter and meltdown know how fast certain data from certain memory addresses get loaded in if they don't have access to the data in the first place, and so, don't know when they would otherwise get it?

This is the best explanation of these vulnerabilities I have heard! Nice job!

Being a guy that plays Mindustry, a Factorio-like game, I got confused like "Wait are we really analyzing these 2 end-game turrets" and I got dragged into just as informative a rabbit hole
Mindustry V1 wasn't even a thing at the time this was uploaded, haha

Brought to you by the good folks at the NSA (and the University of Wisconsin). A feature, not a bug.

About 12 years ago the company I worked at my former boss, had his credit account hacked, from a website he bought parts for a shop off of!!! Since then I ONLY USE prepaid credit cards online and NEVER use my own personal bank card or credit cards for transactions on the internet!!! For an extra layer of security I buy two or three prepaid cards and switch up which one I use every couple of months, and then when they are about to expire, I buy new prepaid credit cards!!! And when I DO use them I put just the money on them I need to make a purchase!! Call me paranoid, but it hasn't been an issue for me for almost 16 years now!!! In the end if you are buying $200 worth of stuff on eBay, then you keep $220 on the card (to cover any shipping and the cost of the items). Then in a lot of cases just before they expire you yank out your old cards use up the $5 balances before you use your next card!! It confuses the snot out of the hackers, because they see you are using 3 different cards for one purchase and not any of the numbers match!!! And ALSO use different four digit password numbers on each card as long as you can remember what the password is for each card it shouldn't be a problem and I write my last four card numbers down in a small note book, with the four digit pass code next to it, on my desk!!!! If you pick it up YOU CAN NEVER figure out what the 8 digit strings of numbers mean and without the security code number off the back of the prepaid credit card in most cases they are completely worthless as well too!!! Even if somebody steals the notebook!!! Like I say I might be a little paranoid, but this system has worked for me over the course of 16 years and NOBODY has ever hacked my bank account or run up my credit cards without my knowledge!!! So it DOES work!! And even if the hackers get your prepaid credit card number there is never a balance on them either until you are ready to actually use them, so they can't get anything either!!! And it only costs $5 to put money on the cards which is what I consider as money well spent for the "insurance value" of being secure!! And still in a pinch you can use the cards at ANY ATM without fear as well in case you need the money back off of them as well!!! So in most cases it is far more secure then ANY bank will offer you too!!! Lastly in a given month I use between 3 to 5 different prepaid cards, constantly switching between them randomly.....so this week I might use card number 1234 and card 4321, and card 2134 even on the same website!!! All are called out to my name......but my personal information on the prepaid cards are almost totally limited to just my name and address and not much more!!

1:19 But what about consoles and refrigerators?

There have been windows patches pushed it to essentially disable the gesture that enables the hole. It had a performance penalty in some applications, but it's not horrible.

Wrote a paper on this, so it's interesting to understand what he's talking about in this case. These flaws are game-changing for microarchitecture design.

6:25 - That really needs more explanation. Are you saying it would load into memory and then delete the executable, and then maybe put the executable back on the hard drive if it detected the system was being shut down?

So, if I understand well this is like those ram attacks before it was protected and randomized, but instead of just passing an addres, it tells windows to fetch the slippers.

Could those exploits be used on game consoles to run homebrew?

6:22 - "All you can really do is be careful what you click on out there."
That's all we can ever really do. (Well, sanitizing with script blockers also helps.) Security holes spring up faster than the plugs for them.

I'm still wondering why my name was used for a security bug.

glad i learned more about assembly and internal operations of a CPU. all of this makes a ton of sense. it's a way of deducting data at a memory address instead of asking for it directly (which will give a segmentation fault because the memory address it's asking for is outside of the program's "virtual memory", basically its partitioned area / sandbox that it plays in). seems to exploit cpu registers, wouldn't surprise me if this video explains it a little off just so that it's easier to explain. it'd be hard to write an assembly-level bug that utilizes any kind of inference of data, but then again it could probably be done in C, but i doubt it would be

Who the hell cares about someone being the first of a video

4:20
I think I've done this before. Right after my PC turns on, if i try to open explorer, it won't open immediately because it just turned on. But, if I try to open it again, it immediately opens 2 windows of it. I'm not sure if this would fall into this "pattern" category, but It's something I noticed.

Only one of you were first.

well thats one of the reason i'm using adblock and pop up blocker
you'll never know what ads on some website can harm your devices.

"Speculative execution" or "branch prediction" are not "bugs", they're features, and they're burned into intel, Sun, HP, DEC, AMD and ARM silicon, since 1995.

*Laughs in AMD*

How much you want to bet Specter and Meltdown were intentionally implemented at the direction of the NSA and only got fixed because OOPS cats out of the bag

time to change my passwords to some 10 word sentences

6:41 you can see he's ridiculously proud of the segway he just came up with.

When Spectre and meltdown start trying to steal each other's information

Techquickie: it infects computer CPU’s
Me around 1:00: good thing im watching this on a tablet ;-;
Techquickie: IT EVEN INFECTS SMARTPHONES
Me: NOOOOOOOOOOOOOOOOOOOO

This was so simpified and and comprhensive thanks lmg

I like how at 2:35 PhotoShop eats up more RAM than Chrome ;))))

That squarespace segue was gold.

My CompTIA teacher would say how he only uses telephone banking on a separate line and would only plug it in when he needed to use it. I can see why now.

This video is the best one about processor security

I was under the impression to get any information out, you needed local access. As opposed to "clicking on something bad".

I love "Dr. No's" kinky shiny black PVC hands! (mentioned at the start of the video, in case you weren't paying attention) 👍😜🤣

Why has this channel not tackled the important issues like slime and it's effectiveness as a thermal paste?

You should take a Look at Branchscope, it's as devastating as Spectre but not mentioned in mainstream media for some reason.

That just blows my mind. So even if I do something as simple as:
if(false) {dothis()} it will still 'dothis()' even though the code literally renders it impossible because of the possibility of having to 'dothis()'?

The gold is best mylar to drone sheets over triple meltdowns plutonium concoction.keep change bagged good defence.weapon..

So um why the whole Spectre and Meltdown viruses seem worrying this also explained to me why my applications seem to just speed up in loading times over a few days.... weird.

This is why I do all my computing with an enormous roll of toilet paper and a vast quantity of pebbles.

The tech quickie intro is so good. I forgot about it, since I've been watching all vids in Floatplane

Way to change moods...
"And that's why, all of your data can be stolen and you should be afraid. Also, check out squarespace to make your very own website!!"

Ah well good luck trying to extract bank account from my computer that doesn’t even have a bank account.

Linus didn't mention the way these vulnerabilities affect cloud hosts the most.

Linus could you please make a video talking about differences between C++ and C# and which one is better.

woah this video is far better than the rest on this channel (I want to see more videos like this)

and no mention of the spectre microcode updates... well done linus..

2:25 Missed chrome joke opportunity there

Spectre: Affects Intel, AMD, and even phone CPUs.
Watch Dogs 2:

It is so clever to figure this bug out. So much fun understanding Meltdown!

You may have done this already, but if not: I'd really love to see a vlog or WAN Show segment regarding these vulns. Aside from wanting your personal opinion(s) on the whole spectacle, I want to know if you've any tips for us, because I'm sure I'm not alone in having less-than-savvy relatives and friends who are damn near guaranteed to achieve said meltdown in record time, and I really don't know how to begin explaining this to them.

When Linus explains a topic better than a university lecturer.

The Spectre! One of my favorite son- Oh.. you are talking about that other Spectre...

Wow I'm impressed, this video actually got down into pretty technical subjects

As requested, AsRock made a microcode-Update for the good old Z77Pro3. SandyBridge is safe for now. Good thing.

Is it not possible to to code a software that tells the processor to check for a certain code before allowing it to do anything whatsoever?

Well then... I guess I'll add this to the list of things that keep me up at night...

Thank for the explaination Linus

Why did it take until now to be discovered? 1995 bro.... Also i heard that for Spectre you have to be physically next to someone's PC, while Meltdown can be exploited remotely. Is it true?

Thank you for actually explaining what it does in detail.

I got a kick out of how you guys made Meltdown sound like a Breen...

Linus: Meltdown affects every intel CPU made since 1995
Me: *gets a 1994 intel Celeron* YEET

*Footage of technical explanation of the ICUP Joke, 2000-something, Colorized*

now that, was a good rectangular space advert!