From m.handley at cs.ucl.ac.uk  Wed Jan 10 16:53:21 2018
From: m.handley at cs.ucl.ac.uk (Mark Handley)
Date: Wed Jan 10 16:51:57 2018
Subject: [Nets-seminars] Seminar on Spectre and Meltdown tomorrow
Message-ID: <1515603201.2754330.1230801152.499F9000@webmail.messagingengine.com>

 
It's short notice I know, but I'll be giving the Infosec seminar tomorrow on the Spectre and Meltdown vulnerabilities and the current state of the art on mitigations.  This isn't my research, but the topic is too interesting and the impact too wide to miss the opportunity for some fun discussion.

Mark


Where: Roberts 508
When: 4pm, Thursday 11th Jan.

Abstract

The Meltdown and Spectre vulnerabilities in almost all modern CPUs have received a great deal of publicity in the last week. Operating systems and hypervisors need significant changes to how memory management is performed, CPU firmware needs updating, compilers are being modified to avoid risky instruction sequences, and browsers are being patched to prevent scripts having access to accurate time. All this because of how speculative execution is handled in modern pipelined superscalar CPUs, and how side-channel attacks reveal information about execution that the CPU tries to pretend did not happen. Mark Handley will explain what modern CPUs actually do to go fast, discuss how this leads to the Meltdown and Spectre vulnerabilities, and summarize the mitigations that are being put in place.