CS Table 1/30/18: Security Vulnerabilities
At the January 30 CS Table we will discuss the recently-announced Spectre and Meltdown security vulnerabilities. These are complex security vulnerabilities that rely on two important features of modern processors: speculation and out-of-order execution. In addition to a technical discussion of these specific vulnerabilities, we’ll discuss the ways in which vulnerabilities are disclosed and fixed.
There are two assigned readings for Tuesday. The first gives a non-technical analogy for both vulnerabilities, and should be helpful for getting a handle on how these vulnerabilities work. The second looks at the implications for end users and the tech industry.
- Hubert, Bert. "Spectre & Meltdown: Tapping into the CPU's Subconscious Thoughts." ds9a.nl. January 06, 2018.
- Timberg, Craig, Elizabeth Dwoskin, and Hamza Shaban. "Huge Security Flaws Revealed – and Tech Companies Can Barely Keep Up.” The Washington Post. January 06, 2018.
If you are feeling adventurous, you may want to read the original Spectre and Meltdown papers at https://meltdownattack.com/. These are relatively accessible and include a quite a bit of background information.
Computer science table (CS Table) is a weekly meeting of Grinnell College community members (students, faculty, staff, etc.) interested in discussing topics related to computing and computer science. CS Table meets Tuesdays from 12:00–1:00pm in JRC 224A (inside the Marketplace). Contact the CS faculty for the weekly reading. Students on meal plans, faculty, and staff are expected to cover the cost of their meals. Visitors to the College and students not on meal plans can charge their meals to the department (sign in at the JRC front desk).
- Login to post comments
