Reading List: Meltdown and Spectre
- Project Zero: Reading privileged memory with a side-channel
- Meltdown Attack and Spectre Attack
- Paper: Meltdown (PDF)
- Paper: Spectre Attacks: Exploiting Speculative Execution (PDF)
- ARM Whitepaper: Cache Speculation Side-channels (PDF)
- Negative Result: Reading Kernel Memory From User Mode
Mitigations
- Paper: KASLR is Dead: Long Live KASLR (PDF)
- Google: Retpoline: a software construct for preventing branch-target-injection
- LLVM: Introduce the “retpoline” x86 mitigation technique for variant #2 of the speculative execution vulnerabilities disclosed today, specifically identified by CVE-2017-5715, “Branch Target Injection”, and is one of the two halves to Spectre
- Chrome: Actions Required to Mitigate Speculative Side-Channel Attack Techniques
- Mozilla: Mitigations landing for new class of timing attack
Commentary and News
- Twitter: brainsmoke (@brainsmoke), January 3, 2018: “Bingo! #kpti #intelbug” pic.twitter.com/Dml9g8oywk
- LWN: Notes from the Intelpocalypse
- Wired: A Critical Intel Flaw Breaks Basic Security for Most Computers
- Intel spin: Intel Responds to Security Research Findings
- Register: We translated Intel’s crap attempt to spin its way out of CPU security bug PR nightmare
- Apple: About speculative execution vulnerabilities in ARM-based and Intel CPUs