IEEE Spectrum January 4, 2018
Meltdown and Spectre flaws take advantage of the processors’ hardware rather than a software flaw, so they circumvent security schemes built into major operating systems. An international team of researchers (Australia, USA – University of Pennsylvania, industry partners) found that Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. Spectre is potentially wider reaching because it breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets… read more.
Illustration: Natascha Eibl