Why do vulnerabilities always get such cool names?

TechQuickie: “These affect almost every Intel CPU” Me at around 1:00 : “ah good thing I use AMD” TechQuickie 5 seconds later: “It also affects AMD CPUs” Me: NOOOOOO

It's a good thing my bank account is always empty

One important thing that was not mentioned: Meltdown (Intel specific) allows a program to read memory from anywhere on the CPU, included protected system memory. The 2 main spectre vulnerabilities can only read from the currently executing program or another program running in userspace (not system).

You didn't give enough ram to chrome, ffs Linus!

Wow, someone finally actually explained what the fucking bugs do. Thank you. I was getting tired of people just saying "Oh it's bad" and not actually caring about what it really does

Fun fact!: Early Intel Atom processors (the ones in netbooks from 2008-2010, like the n270 and n450) don't support speculative execution and therefore aren't vulnerable to Spectre/Meltdown.

This was probably the best Techquickie video. I actually learned something instead of just getting a lot superficial knowledge

i aint afraid of no ghost

Meltdown and Spectre can also attack your phone processor Me : *laugh in nokia 3310*

As I expected Modern Technology is dangerous, nothing beats my old but realiable Abacus

2:30 Google Chrome is inacurate it needs like THE WHOLE DAM BAR!

CPU: I can predict your next move. Spectre, Meltdown: Omae wa mou shindeiru CPU: *NANI?!*

As a guy who just had a subject dedicated to building processors from scratch, all of these terms seem very familiar to me, and I loved how well described the problems are in this video, just as always, Techquickie delivers!

It’s not the same without tunnelbear

*4:26** the barking cpu, I'm dead.* 😂

Lol, my name really is Jeff and I live in N.Y. I own an i7 4770k though, not an i5 4670k.😋

The whole schematic to explain the vulnerabilities is very well put together. Nice work!

This is one of the best readers digest explanations of the Spectre and Meltdown exploits I've seen so far. Bravo, Linus and the Techquickie team!

There's a hole in your T-shirt Linus :/

So, the CPUs are like: "Your next line will be..."

One consolation about Spectre & Meltdown. We've been hearing (a lot) about these vulns that will end life as we know it, but so far, (as far as I know), there has not been a single malicious example used in the wild, anywhere, any time, by anyone against anyone. The Y2K bug was lot more real and present and easy to demonstrate... I'm not saying they can't be used in the wild, but we've heard a hell of a lot about them, but after 4 or 5 months, there's still not been a single case of anyone catching gonorrhoea off a toilet seat.

Could you talk about the Cambridge analytica scandal?

Checked my steam like 10 times whilst watching this video

Hands down, this was pretty amazing. Great job, Linus.

Since Spectre must ask the CPU repeatedly to execute the instructions, the CPU could take notice of this. It could then stop executing the instructions, investigate which program is doing so, and then delete Spectre.

a bit late, Linus

Solution: USE A INTEL i386 processor! (iT'S MADE BEFORE 1995 RIGHT? Or am I dumb? =/)

"[Spectre] will dump the information the attacker wants into cache" Cache as well as cash $$$ 😬

Good job, can't imagine how hard this was to make, simplifying and compressing technical information like this is truly impressive. Give my regards to the script writer.

Thank you for developing meltdown and spectre, NSA

Wasn't quite sure of the scope, whether it meant fishing with half a chance, or if it could target particular data. One thing that seems clear, the two vulnerabilities will not help to gain access initially, but could be used by malware that has already entered, or by a malicious user on a shared system

I was watching this on my newly bought Sceptre monitor and freaking out until I realized it's just an anagram.

Spectre is incredibly impractical to exploit. It can really only be used effectively against task-specific machines since the standard home user machine has so much junk data. This supposedly makes it a very useful exploit to steal hashing addresses and wipe out crypto wallets though. Enterprise servers that process payments are ripe targets as well.

"Knock knock!" *Branch prediction* "Who's there?"

6:25 - That really needs more explanation. Are you saying it would load into memory and then delete the executable, and then maybe put the executable back on the hard drive if it detected the system was being shut down?

6:01 Speaking of plugging holes.....buttplu.....ahem....tunnel bear!! Wanna plug the holes where your ISP can peek at your data? Use a vpn to plug your data holes. LMAO!

This video forget a key thing; the data you can pick from those exploit is random and limited to a specific buffer size - which isn't very big even on the top of the line CPU. I haven't found any working implementation of those exploits, because there is no way to know what tiny chunk of data you got, and in what order you would need to reconstruct it - assuming you could get multiple different ones.

The power of christ compels you - spectre the ghost flys out of pc -

This is the best explanation of these vulnerabilities I have heard! Nice job!

Who thought their *Steam* was going off during this video? xD

My comp is protected by Drax! His reflexes are so fast nothing would go over his head!

"Why are Spectre and Meltdown so dangerous?" Mindustry players: indeed they are

Actual question here: how do specter and meltdown know how fast certain data from certain memory addresses get loaded in if they don't have access to the data in the first place, and so, don't know when they would otherwise get it?

Great explanation!

glad i learned more about assembly and internal operations of a CPU. all of this makes a ton of sense. it's a way of deducting data at a memory address instead of asking for it directly (which will give a segmentation fault because the memory address it's asking for is outside of the program's "virtual memory", basically its partitioned area / sandbox that it plays in). seems to exploit cpu registers, wouldn't surprise me if this video explains it a little off just so that it's easier to explain. it'd be hard to write an assembly-level bug that utilizes any kind of inference of data, but then again it could probably be done in C, but i doubt it would be

4:21 Who else checked Steam??

Watching this after taran said he gave the malwares their own "personalities"...great touch :)

photoshop using less ram than chrome? 🤣

4:20 I think I've done this before. Right after my PC turns on, if i try to open explorer, it won't open immediately because it just turned on. But, if I try to open it again, it immediately opens 2 windows of it. I'm not sure if this would fall into this "pattern" category, but It's something I noticed.

Spectre meltdown fix. Remove Internet lol

Thanks man, you have no idea how helpful your AFAP videos are. Cheers!

You say I'll notice when my bank account is empty, but that's my secret. My bank account is *always* empty.

A smartphone trick is to close down all your programes already assigned ram by hitting the square on the left bottom of most devices and hitting the x on the right top of the pages that come up looking like open apps. It is often called closing your recnt apps but I wanted to wxplain it in a way a newbie should be able to understand.

Welp, time to bust out the old 486!

There have been windows patches pushed it to essentially disable the gesture that enables the hole. It had a performance penalty in some applications, but it's not horrible.

Intel said the chips are working as designed though

Those noises from the viruses are enough to give me nightmares and make me not download anything off the web again...

2:26 this is totally unreasonable Linus! You're a tech person, I wouldn't thing that you of all people would make this mistake!! 1 ram stick per google chrome tab

This video is the best one about processor security

Brought to you by the good folks at the NSA (and the University of Wisconsin). A feature, not a bug.

Wrote a paper on this, so it's interesting to understand what he's talking about in this case. These flaws are game-changing for microarchitecture design.

This was kinda a late video.

People who made these are literally mad genius.

Could those exploits be used on game consoles to run homebrew?

It is so clever to figure this bug out. So much fun understanding Meltdown!

Only one of you were first.

6:22 - "All you can really do is be careful what you click on out there." That's all we can ever really do. (Well, sanitizing with script blockers also helps.) Security holes spring up faster than the plugs for them.

Who the hell cares about someone being the first of a video

The tech quickie intro is so good. I forgot about it, since I've been watching all vids in Floatplane

I'm still wondering why my name was used for a security bug.

About 12 years ago the company I worked at my former boss, had his credit account hacked, from a website he bought parts for a shop off of!!! Since then I ONLY USE prepaid credit cards online and NEVER use my own personal bank card or credit cards for transactions on the internet!!! For an extra layer of security I buy two or three prepaid cards and switch up which one I use every couple of months, and then when they are about to expire, I buy new prepaid credit cards!!! And when I DO use them I put just the money on them I need to make a purchase!! Call me paranoid, but it hasn't been an issue for me for almost 16 years now!!! In the end if you are buying $200 worth of stuff on eBay, then you keep $220 on the card (to cover any shipping and the cost of the items). Then in a lot of cases just before they expire you yank out your old cards use up the $5 balances before you use your next card!! It confuses the snot out of the hackers, because they see you are using 3 different cards for one purchase and not any of the numbers match!!! And ALSO use different four digit password numbers on each card as long as you can remember what the password is for each card it shouldn't be a problem and I write my last four card numbers down in a small note book, with the four digit pass code next to it, on my desk!!!! If you pick it up YOU CAN NEVER figure out what the 8 digit strings of numbers mean and without the security code number off the back of the prepaid credit card in most cases they are completely worthless as well too!!! Even if somebody steals the notebook!!! Like I say I might be a little paranoid, but this system has worked for me over the course of 16 years and NOBODY has ever hacked my bank account or run up my credit cards without my knowledge!!! So it DOES work!! And even if the hackers get your prepaid credit card number there is never a balance on them either until you are ready to actually use them, so they can't get anything either!!! And it only costs $5 to put money on the cards which is what I consider as money well spent for the "insurance value" of being secure!! And still in a pinch you can use the cards at ANY ATM without fear as well in case you need the money back off of them as well!!! So in most cases it is far more secure then ANY bank will offer you too!!! Lastly in a given month I use between 3 to 5 different prepaid cards, constantly switching between them randomly.....so this week I might use card number 1234 and card 4321, and card 2134 even on the same website!!! All are called out to my name......but my personal information on the prepaid cards are almost totally limited to just my name and address and not much more!!

*Laughs in AMD*

So, if I understand well this is like those ram attacks before it was protected and randomized, but instead of just passing an addres, it tells windows to fetch the slippers.

time to change my passwords to some 10 word sentences

I feel like what the video is showing and what he is saying doesn't match properly which makes it really hard to understand what he was saying. So he says : -Meltdown request to read from a memory space used by another process -Cpu reads the content -Meltdown request to add a random value to the content and the result should be a memory address , but could that always be the case since its just a random number? -And how does the cpu even know that the result is an address ? As far as cpu concerned its just a result of that addition operation but not an address ?!! Am i missing something here ? please help out if so..

You may have done this already, but if not: I'd really love to see a vlog or WAN Show segment regarding these vulns. Aside from wanting your personal opinion(s) on the whole spectacle, I want to know if you've any tips for us, because I'm sure I'm not alone in having less-than-savvy relatives and friends who are damn near guaranteed to achieve said meltdown in record time, and I really don't know how to begin explaining this to them.

and no mention of the spectre microcode updates... well done linus..

Wow I'm impressed, this video actually got down into pretty technical subjects

well thats one of the reason i'm using adblock and pop up blocker you'll never know what ads on some website can harm your devices.

1:19 But what about consoles and refrigerators?

6:41 you can see he's ridiculously proud of the segway he just came up with.

woah this video is far better than the rest on this channel (I want to see more videos like this)

Linus could you please make a video talking about differences between C++ and C# and which one is better.

Why can the malware even analyse the timings on the CPU for commands it isn't supposed to(and can't) see?

That just blows my mind. So even if I do something as simple as: if(false) {dothis()} it will still 'dothis()' even though the code literally renders it impossible because of the possibility of having to 'dothis()'?

Both of these require a persistent threat that has already defeated any security features (AV, IDS, IPS) installed. So the threat is there...but if an attacker has already compromised your device or network....Spectre and Meltdown will be the hard way to get what they already have access to.

Being a guy that plays Mindustry, a Factorio-like game, I got confused like "Wait are we really analyzing these 2 end-game turrets" and I got dragged into just as informative a rabbit hole Mindustry V1 wasn't even a thing at the time this was uploaded, haha

Very good explanation. The animation was good too ^_^. It's a shame the video kept stopping on me every few seconds, but I got through it!

thats insane how someone can just figure that out. theres hope for humanity because of the few geniuses we have out there

At 4:22, “This guy really likes x+y” LOL! And the barking CPU

So Spectre is a class of meltdown attacks or why does the article at 5:02 address speculative execution once again? They don't seem to mention the branch predictor though.

Thank you for actually explaining what it does in detail.

Linus during the video:😐🙂 Linus during ads: 😄😁

That squarespace segue was gold.

If you have any old netbooks lying around from 2008-2011 or so, the models of Intel Atom processors those netbooks use are NOT affected by either Spectre or Meltdown. Just slap Linux on it to replace XP, and use that for the more security-sensitive tasks. That's one option, anyway.

You should take a Look at Branchscope, it's as devastating as Spectre but not mentioned in mainstream media for some reason.

Linus was so proud of that segue

Can you explain the concept of mining here; where its value comes from, why its so popular, history, etc.

Why has this channel not tackled the important issues like slime and it's effectiveness as a thermal paste?