Industry Expert Blogs

Earlier this week, Jann Horn of Google’s Project Zero published a detailed blog post titled “Reading privileged memory with a side-channel.” The post confirmed that CPU data cache timing can be exploited to efficiently leak information out of mis-speculated execution. This could lead to – at worst – arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.

Put simply, the above-mentioned security issue could allow cyber criminals to steal the entire memory contents of computers, including mobile devices, personal computers and servers running in cloud computer networks. Categorized as two distinct security flaws, Meltdown and Spectre were independently disclosed by a number of security experts, including senior Rambus technology advisor Paul Kocher and senior Rambus security engineer Mike Hamburg.

Click here to read more ...