Editing 1938: Meltdown and Spectre

{{comic
| number    = 1938
| date      = January 5, 2018
| title     = Meltdown and Spectre
| image     = meltdown_and_spectre.png
| titletext = New zero-day vulnerability: In addition to rowhammer, it turns out lots of servers are vulnerable to regular hammers, too.
}}

==Explanation==
This comic was inspired by the {{w|Meltdown (security vulnerability)|Meltdown}} and {{w|Spectre (security vulnerability)|Spectre}} bugs found in certain processors; these vulnerabilities were disclosed to the public in the week of this comic. The bugs result from flawed implementations of {{w|speculative execution}}, and made big news because they broke the "walls" between programs executing concurrently on the same computer, in some circumstances allowing malware to steal secrets from normal, bug-free programs.

Speculative execution is a technique used to speed up the execution of computer programs. Processors handle instructions in {{w|Instruction pipelining|a series of steps}}, like an assembly line. The processor works on several successive instructions, each at a different stage in the assembly line. It may start speculatively executing instructions that follow a particular result of a decision before the execution of the logic that makes that decision is finished. Once the decision is made, it keeps results from the selected path, and discards unnecessary results. This allows it to keep doing useful work while some slower decision is made. 

In the Meltdown and Spectre bugs, the results of speculatively executed instructions are not completely discarded, allowing them to affect things that the program logic should have prevented.

[[Ponytail]] uses the {{w|Trolley Problem}}, and {{w|Tram|trolley (tram)|trolley}} tracks in general, as an analogy for streams of instructions in a program. The Trolley Problem is a thought experiment where an out-of-control trolley is heading to a switch which you control. Leaving the switch as-is will cause it to kill multiple people (typically five) stuck on the tracks, but switching the track will cause it to kill only one person, who would not have died if the switch was left untouched. This creates the ethical dilemma of passively causing multiple deaths, versus actively causing one. The Trolley Problem has gained significant memetic traction, helped in no small part by its frequent inclusion in “introduction to philosophy” type courses. The problem has seen revitalized interest with the emergence of {{w|autonomous car}}s, which may be faced with what are, essentially, {{w|autonomous car#Moral issues|such choices}} in emergency situations.

As an analogy for multiple mutually exclusive paths being executed at the same time, Ponytail invokes certain {{w|interpretations of quantum mechanics}}, where quantum-level particles can be viewed as taking every possible path at once, with the result being the sum of all of them. This is an idea popularized by the {{w|Copenhagen interpretation|common interpretation}} of {{w|Schrödinger's cat}}, where the cat is both dead and alive until some event results in one of the states being selected.

The phantom trolley driving through walls is an analogy for the computer instructions being able to access areas of memory that should be protected from them. This may also be a reference to {{w|quantum tunnelling}}, or even simply a joke about the phantom trolley being a literal phantom, i.e. incorporeal.

In many cases, contrary to what the comic implies, both paths are not taken simultaneously during speculative execution. A {{w|branch predictor}} may be used to select the most likely path, and the effects should be completely erased if the predicted path is incorrect. To use Ponytail's analogy, a phantom trolley is sent down one path (hopefully the most likely one), and either becomes real once it's determined that that path was correct, or vanishes and is replaced by a real trolley starting down the other path from the branching point. Both branch prediction and taking both paths (known as eager evaluation) are considered speculative execution and are affected by these bugs.

The {{w|Row hammer}} problem had been known for many years before this comic was published. A {{w|Dynamic random-access memory|common form of computer memory}} is constructed from tiny capacitors organized in a two-dimensional grid of rows and columns. Capacitors store charge to represent information. By applying a pattern of memory access that rapidly changes a row of capacitors, you can cause charge to overflow to nearby rows and incorrectly change their states.

Ponytail mentions that we especially suck at building "shared computers" because Row hammer, Spectre, and Meltdown all break down the security divisions built between programs and between users. A hacker running a separate program in a separate account shouldn't be able to access your data or change the behavior of your program, but these problems allow them to. This is particularly dangerous for time-sharing, servers, and {{w|Cloud computing|the cloud}}, where different programs, websites, or even companies can be sharing the same hardware.

Cueball takes her explanation literally, and comes to the conclusion that the cloud "is full of phantom trolleys armed with hammers", and Ponytail cannot be bothered correcting him (it could also be, considering xkcd's absurdist humor, that this quite literally is the case in the comic's world, and ponytail is telling Cueball that he is indeed correct). Cueball's final line ironically suggests that these exploits can be repaired with a simple software update. This seems to be mocking the naive misunderstanding that software can make up for flawed hardware. However, the exploits discussed in this comic are not trivial oversights, but reflect fundamental issues in the design of modern processors.

A {{w|zero-day (computing)|zero-day}} vulnerability is an attack that takes advantage of a vulnerability that hasn't been published yet, and so is not patched in any vulnerable system. The title text suggests that, until it was 'disclosed' here, nobody was aware that as well as Row hammer, computer servers can also be harmed by regular hammers. In reality, this would be obvious to most people{{Citation needed}}. One might "patch" a server against this attack by plating it with stronger metal.

==Transcript==
:[Zoom out with Cueball and Ponytail walking to the right on the ground.]
:Cueball: The Meltdown and Spectre exploits use "speculative execution?" What's that?
:Ponytail: You know the trolley problem? Well, for a while now, CPUs have basically been sending trolleys down '''''both''''' paths, quantum-style, while awaiting your choice. Then the unneeded "phantom" trolley disappears.

:[Zoom in on only Ponytail who has turned towards Cueball off-panel left.]
:Ponytail: The phantom trolley isn't supposed to touch anyone. But it turns out you can still use it to do stuff.
:Ponytail: And it can drive through walls.

:[Cueball and Ponytail, lifting both her palms up, are standing, facing each other.]
:Cueball: That sounds bad.
:Ponytail: Honestly, I've been assuming we were doomed ever since I learned about Rowhammer.

:[In a frame-less panel they continue talking, both with their arms down.]
:Cueball: What's ''that''?
:Ponytail: If you toggle a row of memory cells on and off really fast, you can use electrical interference to flip nearby bits and—
:Cueball: Do we just suck at...computers?
:Ponytail: Yup. Especially shared ones.

:[Zoom out again as they resume walking to the right on the ground. Cueball is lifting his smartphone up and looks at the screen.]
:Cueball: So you're saying the cloud is full of phantom trolleys armed with hammers.
:Ponytail: ...Yes, that is exactly right.
:Cueball: Okay. I'll, uh... install updates?
:Ponytail: Good idea.

==Trivia==

Although this is clearly not part of the series [[:Category:Code Quality|Code Quality]], it might be the same two characters, with Ponytail again displaying a much better understanding of computers than Cueball with his [[:Category:Cueball Computer Problems|Computer Problems]].

The Trolley problem was mentioned a month before this comic in the last ''milestone'' on this list in [[1925: Self-Driving Car Milestones]]; see more there regarding why this problem might have resurfaced in xkcd. Three years before that comic, a comic was even named after the problem: [[1455: Trolley Problem]].

The fact that compromising IT systems is sometimes easier done physically than logically is also mentioned in [[538: Security]].

{{comic discussion}}

[[Category:Comics featuring Cueball]]
[[Category:Comics featuring Ponytail]]
[[Category:Computer security]]
[[Category:Programming]]