Editing 1938: Meltdown and Spectre
Latest revision | Your text | ||
Line 8: | Line 8: | ||
==Explanation== | ==Explanation== | ||
− | This comic was inspired by the {{w|Meltdown (security vulnerability)|Meltdown}} and {{w|Spectre (security vulnerability)|Spectre}} bugs | + | {{incomplete|Created by an unpatched computer - Please change this comment when editing this page. Do NOT delete this tag too soon.}} |
+ | This comic was inspired by the {{w|Meltdown (security vulnerability)|Meltdown}} and {{w|Spectre (security vulnerability)|Spectre}} bugs in certain processors. These vulnerabilites were disclosed to the public the week of this comic. The bugs made big news because they broke the "walls" between programs, in some circumstances allowing malware to steal secrets from normal, bug-free programs. | ||
− | + | The {{w|Trolley Problem}} is the ethical dilemma thought experiment where an out-of-control trolley is heading to a junction (which you have control over)—to one side it'll kill one group of people—to the other, some others. Your moral dilemma is deciding which is the "best" outcome (eg, hitting a dozen five year old children or three Nobel laureats). This is like a software "if" statement. Speculative execution in most CPU chips is where the computer always takes both sides of a decision like this—explores what will happen down each path—and only causes the effects of the decision to happen when the decision as to which way to proceed is decided. This allows it to keep on doing useful work while some slower decision is made. The "quantum" aspect of this is that in some versions of quantum theory, quantum-level particles take every possible path at once and the result is the sum of all of them. | |
− | In the | + | In a sense, the computer is exploring the consequences of the trolley problem in a quantum-like manner. |
− | + | Contrary to what the comic implies, in many cases both paths are not simultaneously taken during speculative execution. A {{w|Branch predictor}} may be used to select the most likely path, and the effects should be completely erased if the predicted path is incorrect. Both branch prediction and taking both paths, also known as eager evaluation, are considered speculative execution and are affected by these bugs. | |
− | + | This would all be OK if it were not for the fact that devious black-hat hackers can come up with devious ways to see the information that should have been discarded in the "path-not-taken". So even though the computer will eventually decide that some piece of information should not be accessible—you can find out the value it would hypothetically read—even though it will soon decide that it should not access the information. | |
− | The | + | The {{w|Row Hammer}} problem is something entirely different. Computer memories are organized as a two-dimensional grid of rows and columns—and are physically constructed from tiny capacitors. If you apply just the RIGHT pattern of rapid changes to one row of the grid, you can cause one of the capacitors on the next row to incorrectly change state. This is a design flaw in the memory chip—and it allows (in some circumstances) programs to change data in memory locations that they have no right to change. |
− | + | Ponytail mentions that we suck at building "shared computers" because Rowhammer, Spectre, and Meltdown all break down the security divisions built between programs and users. A hacker running a separate program in a separate account shouldn't be able to access your secrets, but these bugs allow them to. This is particularly dangerous for servers and the cloud, where different programs, websites, or even companies can be sharing the same hardware. | |
− | The | + | The title text humorously states that as well as row hammer, computer servers also can be "hacked" by regular hammers. A zero-day vulnerability is an attack that takes advantage of a vulnerability that was discovered that day, and hasn't been patched. One might "patch" a server against this attack by plating it with stronger metal. |
− | |||
− | |||
− | |||
− | |||
− | |||
− | A | ||
==Transcript== | ==Transcript== | ||
− | :[ | + | :[Cueball and Ponytail are walking.] |
:Cueball: The Meltdown and Spectre exploits use "speculative execution?" What's that? | :Cueball: The Meltdown and Spectre exploits use "speculative execution?" What's that? | ||
:Ponytail: You know the trolley problem? Well, for a while now, CPUs have basically been sending trolleys down '''''both''''' paths, quantum-style, while awaiting your choice. Then the unneeded "phantom" trolley disappears. | :Ponytail: You know the trolley problem? Well, for a while now, CPUs have basically been sending trolleys down '''''both''''' paths, quantum-style, while awaiting your choice. Then the unneeded "phantom" trolley disappears. | ||
− | :[ | + | :[Ponytail framed alone, facing left. They have stopped walking.] |
− | :Ponytail: The phantom trolley isn't supposed to touch anyone | + | :Ponytail: The phantom trolley isn't supposed to touch anyone, but it turns out you can still use it to do stuff. |
:Ponytail: And it can drive through walls. | :Ponytail: And it can drive through walls. | ||
− | :[Cueball and Ponytail | + | :[Cueball and Ponytail are standing, facing each other.] |
:Cueball: That sounds bad. | :Cueball: That sounds bad. | ||
:Ponytail: Honestly, I've been assuming we were doomed ever since I learned about Rowhammer. | :Ponytail: Honestly, I've been assuming we were doomed ever since I learned about Rowhammer. | ||
− | |||
:Cueball: What's ''that''? | :Cueball: What's ''that''? | ||
:Ponytail: If you toggle a row of memory cells on and off really fast, you can use electrical interference to flip nearby bits and— | :Ponytail: If you toggle a row of memory cells on and off really fast, you can use electrical interference to flip nearby bits and— | ||
− | :Cueball: Do we just suck at...computers? | + | :Cueball: Do we just suck at ... computers? |
:Ponytail: Yup. Especially shared ones. | :Ponytail: Yup. Especially shared ones. | ||
− | :[ | + | :[They resume walking to the right.] |
:Cueball: So you're saying the cloud is full of phantom trolleys armed with hammers. | :Cueball: So you're saying the cloud is full of phantom trolleys armed with hammers. | ||
− | :Ponytail: ...Yes, that | + | :Ponytail: ...Yes, that's exactly right. |
:Cueball: Okay. I'll, uh... install updates? | :Cueball: Okay. I'll, uh... install updates? | ||
:Ponytail: Good idea. | :Ponytail: Good idea. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
{{comic discussion}} | {{comic discussion}} | ||
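Review bot: In the "Your text" column of the Explanation hunk, the Trolley Problem paragraph says speculative execution "always takes both sides of a decision", while the paragraph two lines below says "in many cases both paths are not simultaneously taken" and that a branch predictor picks the likely path. Reword the first so the two agree, for example by saying the CPU runs ahead on a guessed path before the decision is known. The title-text paragraph defines a zero-day as a vulnerability "discovered that day"; the term refers to a flaw that is exploited before a fix is available, so that sentence should be corrected before this text is restored. The same column also restores the misspellings "vulnerabilites" and "laureats" and re-adds the {{incomplete}} tag, so confirm that undoing the edit is intended rather than fixing these in the latest revision.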
Line 67: | Line 53: | ||
[[Category:Comics featuring Cueball]] | [[Category:Comics featuring Cueball]] | ||
[[Category:Comics featuring Ponytail]] | [[Category:Comics featuring Ponytail]] | ||
− | [[Category: | + | [[Category:Computers]] |
− |