WEBVTT

00:00:00.030 --> 00:00:05.160
thanks for watching Techquickie click the subscribe button then enable

00:00:03.210 --> 00:00:10.400
notifications with the Bell icon so you won't miss any future videos when

00:00:07.680 --> 00:00:15.630
Spector and meltdown first made headlines you'd have been

00:00:13.170 --> 00:00:20.939
forgiven for thinking that dr. no found a way to cause mayhem at a nuclear power

00:00:18.029 --> 00:00:25.560
plant somewhere but while thankfully that isn't what happened The Spectre and

00:00:23.189 --> 00:00:30.929
meltdown security bugs have the potential to inflict ma'am on nearly

00:00:27.689 --> 00:00:33.960
every computer in the world between them

00:00:30.929 --> 00:00:36.480
you see most software bugs and viruses

00:00:33.960 --> 00:00:42.149
affect systems by trying to exploit some weakness in the code of a particular

00:00:38.820 --> 00:00:44.309
program or operating system meaning that

00:00:42.149 --> 00:00:49.649
they can't hurt a system they weren't designed to run on what makes spectre

00:00:46.890 --> 00:00:55.500
and meltdown so dangerous is that they function on a level that is much closer

00:00:52.110 --> 00:00:58.559
to the actual hardware meaning that they

00:00:55.500 --> 00:01:02.100
can exploit tons of different CPU models

00:00:58.559 --> 00:01:04.979
and operating systems in fact meltdown

00:01:02.100 --> 00:01:13.049
affects nearly every Intel CPU manufactured since 1995 and specter

00:01:09.060 --> 00:01:13.640
effects these and most AMD processors as

00:01:13.049 --> 00:01:18.360
well Spectre clasp vulnerabilities can even

00:01:16.470 --> 00:01:27.240
successfully attack a number of smartphone CPUs holy crap so what

00:01:23.520 --> 00:01:28.700
happened why exactly are these bugs so

00:01:27.240 --> 00:01:34.650
widespread well it boils down to a feature present

00:01:32.310 --> 00:01:41.130
on virtually all modern processors called speculative execution which is a

00:01:37.829 --> 00:01:43.829
key way that CPU significantly boosts

00:01:41.130 --> 00:01:50.100
their performance thanks to speculative execution when a CPU is carrying out

00:01:46.560 --> 00:01:51.960
program instructions it can guess which

00:01:50.100 --> 00:01:58.500
instructions it might have to process next allowing a modern processor to read

00:01:55.680 --> 00:02:03.540
ahead on the page so to speak processing data that it thinks it will need shortly

00:02:00.570 --> 00:02:10.289
and then storing it on the very fast CPU cache memory one way that CPUs read

00:02:07.170 --> 00:02:13.180
ahead is by starting to process the data

00:02:10.289 --> 00:02:17.500
in memory as soon program asks for it rather than first checking to see if

00:02:15.519 --> 00:02:22.330
that program is even allowed to access that data you see whenever you have more

00:02:20.080 --> 00:02:27.510
than one program running your CPU will separate your system RAM into different

00:02:25.030 --> 00:02:33.280
chunks that can only be accessed by one program to keep other ones including

00:02:30.700 --> 00:02:38.410
malicious programs from seeing data that they shouldn't so let's say then that

00:02:35.590 --> 00:02:44.530
program a asks to see some data from program B's memory space the CPU will

00:02:41.290 --> 00:02:46.959
say no but only after it starts to read

00:02:44.530 --> 00:02:52.390
that memory and whatever was in that memory space is already in the CPUs

00:02:49.420 --> 00:02:58.090
cache now although the CPU won't directly pass that data at a program a

00:02:54.900 --> 00:03:01.329
meltdown can figure out what the data is

00:02:58.090 --> 00:03:03.970
by tricking the CPU instead of just

00:03:01.329 --> 00:03:09.760
asking for the data directly meltdown will ask the CPU to add the value being

00:03:07.329 --> 00:03:16.090
held in cache to some arbitrary number which will correspond to a certain

00:03:12.190 --> 00:03:18.430
memory location or address the CPU still

00:03:16.090 --> 00:03:23.730
won't reveal the information at that memory address to meltdown directly but

00:03:20.980 --> 00:03:28.959
the data will still be cached beforehand so I know this is pretty technical here

00:03:25.989 --> 00:03:34.389
but stick with me for its next trick meltdown will ask the CPU to read more

00:03:31.930 --> 00:03:38.349
memory addresses noting the one that loads more quickly than the others

00:03:36.519 --> 00:03:44.319
because it was stored in the high-speed cache in the previous step rather than

00:03:41.139 --> 00:03:47.169
the slower system RAM this process

00:03:44.319 --> 00:03:52.510
allows meltdown to figure out what data was in the address it initially asked

00:03:49.750 --> 00:03:57.400
for as the cached address will just be whatever the arbitrary number that

00:03:54.400 --> 00:03:59.430
meltdown picked plus the actual value

00:03:57.400 --> 00:04:04.299
the system was trying to keep hidden was let's move on to Spector now although

00:04:02.049 --> 00:04:08.680
Spector also takes advantage of speculative execution it works a little

00:04:06.639 --> 00:04:13.660
bit differently by exploiting a CPUs branch predictor this processor

00:04:11.260 --> 00:04:18.729
component watches for patterns in program execution so if it sees a

00:04:15.940 --> 00:04:23.620
particular function over and over again the CPU will eventually pick up on it

00:04:21.459 --> 00:04:26.710
and start to process this function on its own repeatedly

00:04:25.180 --> 00:04:32.560
like how you can train your pet to do tricks by giving it food every time so

00:04:29.650 --> 00:04:36.699
Spectre trains your CPU by telling it over and over to execute instructions

00:04:35.050 --> 00:04:42.370
that will dump the information the attacker wants into cash after this

00:04:39.660 --> 00:04:47.860
Specter can access the information by using various timing tricks to work out

00:04:44.860 --> 00:04:50.350
exactly what the data contains sometimes

00:04:47.860 --> 00:04:55.270
by asking the CPU to use the data located at a certain memory address in a

00:04:52.930 --> 00:04:59.789
different function similarly to meltdown and getting back to why this problem is

00:04:58.570 --> 00:05:05.110
so widespread Spectre is a whole class of attacks

00:05:02.800 --> 00:05:09.310
which means combined with the fact that branch prediction is incredibly

00:05:07.330 --> 00:05:15.509
important for performance in nearly all modern CPUs means that there isn't a

00:05:12.729 --> 00:05:20.770
quick fix for every variation of it meltdown by contrast is a somewhat

00:05:18.310 --> 00:05:27.099
easier fix that involves more thoroughly separating different memory spaces but

00:05:23.620 --> 00:05:29.349
since the patches also cut into a CPUs

00:05:27.099 --> 00:05:34.150
ability to read ahead as we described earlier the fixes can result in serious

00:05:32.110 --> 00:05:39.340
slowdowns for processor intensive programs as current CPUs have actually

00:05:36.940 --> 00:05:45.490
gotten really good at predicting what they'll need to do next a sad irony now

00:05:42.940 --> 00:05:50.020
both Intel and AMD are working to fix the vulnerabilities on a hardware level

00:05:47.680 --> 00:05:55.690
in their future chips which is certainly good news but because speculative

00:05:53.199 --> 00:06:01.389
execution is so fundamental to modern CPU design only time will tell if even

00:05:58.960 --> 00:06:07.330
brand-new processors can actually plug these holes for good and obviously that

00:06:05.380 --> 00:06:14.199
solution isn't going to do anything for the literally billions of CPUs that are

00:06:11.080 --> 00:06:16.840
already out in the wild so yes this

00:06:14.199 --> 00:06:22.780
means you Jeff from New York proud owner of an overclocked 46 70 K unless you

00:06:19.990 --> 00:06:26.949
want to go buy new hardware all you can really do is be careful what you click

00:06:24.370 --> 00:06:31.060
on out there a cleverly designed attack that takes advantage of specter warm

00:06:28.870 --> 00:06:35.110
meltdown wouldn't leave any trace on your PC so you may not even find out

00:06:33.370 --> 00:06:39.520
about it until your bank accounts have been emptied and you have a little

00:06:36.610 --> 00:06:41.910
meltdown of your own speaking of your own have you ever wanted to build your

00:06:40.960 --> 00:06:45.430
own website Squarespace is the place to go to do it

00:06:44.199 --> 00:06:49.810
you just pick one of their gorgeous templates and start filling in your own

00:06:47.770 --> 00:06:53.740
text your own pictures you don't even have to do anything complicated if you

00:06:51.669 --> 00:06:58.060
don't want to their cover pages feature lets you set up a beautiful one-page

00:06:55.510 --> 00:07:02.320
online presence in minutes and if you're finding anything about Squarespace

00:06:59.530 --> 00:07:06.760
complicated they've got 24/7 support via live chat and email every template

00:07:05.050 --> 00:07:10.870
features responsive design to your website looks great on any device a

00:07:08.740 --> 00:07:15.010
commerce module so you can use their free online store to sell things and

00:07:12.789 --> 00:07:18.460
they've got all kinds of new tools that they're adding all the time like their

00:07:16.660 --> 00:07:23.289
conversion metrics that track button clicks form submissions and more so you

00:07:21.070 --> 00:07:27.160
can watch trends over time so start a trial with no credit card required and

00:07:25.180 --> 00:07:30.370
start building your website today then when you decide to sign up for

00:07:28.330 --> 00:07:35.650
Squarespace it's just 12 bucks a month use offer code tech to get 10% off your

00:07:33.639 --> 00:07:38.410
first purchase so thanks for watching guys like dislike check out our other

00:07:37.240 --> 00:07:44.340
channels leave a comment with video suggestions and don't forget to subscribe so you don't miss any future

00:07:41.080 --> 00:07:44.340
fast as possible