Why do vulnerabilities always get such cool names?
@DerEwigeWanderer6 жыл бұрын
there was once a worm called "conficker". in german, "ficker" means "fucker" :)
@potatopobobot42316 жыл бұрын
Like aids?
@Wonky26 жыл бұрын
And why did they get such pretty logos?
@TestiEsti1236 жыл бұрын
Probably the same reason as why storms get Human names. Easy to remember
@ref36656 жыл бұрын
Yeah, CVE-2018-7600 is a really cool name.
@moth.monster6 жыл бұрын
Wow, someone finally actually explained what the fucking bugs do. Thank you. I was getting tired of people just saying "Oh it's bad" and not actually caring about what it really does
@m3talgame206 жыл бұрын
you are more likely to encounter a dinosaur than a meltdown or spectre exploit
@Mik-kv8xx3 жыл бұрын
@@m3talgame20 how do you know?
@justacasualgamer19573 жыл бұрын
@@m3talgame20 can you explain how
@VeryBigExplosion3 жыл бұрын
@@m3talgame20 *Last Online 3 years ago*
@m3talgame203 жыл бұрын
@@VeryBigExplosion hmm old video it seems. I'd be more worried about china
@1stfloorguy596 жыл бұрын
It's a good thing my bank account is always empty
@IV_Cornec6 жыл бұрын
1stfloorguy I feel ya
@drmegaman6 жыл бұрын
fucking steam
@rdln43136 жыл бұрын
Dr Megaman more like fucking mundaine life shit to buy
@drmegaman6 жыл бұрын
Lou D yeah, I said Steam because I thought that'd be funnier but it really is amazing how much little random stuff adds up
@RettigJ6 жыл бұрын
That is normal. (For ~8/10 Americans -Dave Ramsey)
@RmwPathricc5 жыл бұрын
Meltdown and Spectre can also attack your phone processor Me : *laugh in nokia 3310*
@the_danksmith1344 жыл бұрын
I hope they wont attack it cause that would cause a megagalactic explosion!!! Nokia 3310 is a serious weapon!
@missingno24014 жыл бұрын
nokia 3310 = the halo array dont do it, were all gonna die
@JohnSmith-xq1pz4 жыл бұрын
Plz don't drop it
@JohnSmith-xq1pz4 жыл бұрын
@@the_danksmith134 No kidding little known fact they powered both DeathStars
@michakrzyzanowski85544 жыл бұрын
@@JohnSmith-xq1pz linus shouldn't carry it
@Matthigast6 жыл бұрын
You didn't give enough ram to chrome, ffs Linus!
@JonatasAdoM6 жыл бұрын
He closed the tabs in chrome's task manager
@dagg4976 жыл бұрын
Chrome 💕 RAM And the internet Tabs get super tiny with no text, so I'll never leave Firefox.
@Hydr8Man6 жыл бұрын
Good thing my school uses MacBooks *AND CHROME* and the teachers are always wondering why the laptops are so slow
@Ferotiq6 жыл бұрын
matthigast that’s every teacher but they only have 2gigs of ram XD
@itsmetheherpes17506 жыл бұрын
what the heck is specter and meltdown ?
@lbsiuk4 жыл бұрын
Fun fact!: Early Intel Atom processors (the ones in netbooks from 2008-2010, like the n270 and n450) don't support speculative execution and therefore aren't vulnerable to Spectre/Meltdown.
@Afif871232 жыл бұрын
when its so bad that virus wont even bother to infect it
@Ale-bj7nd2 жыл бұрын
The best CPUs ever made
@ProcessedDigitally Жыл бұрын
@bruh lol good one
@Otgel12 күн бұрын
Too stupid to be tricked.
@PedroOjeda6 жыл бұрын
This was probably the best Techquickie video. I actually learned something instead of just getting a lot superficial knowledge
@masoluboxD6 жыл бұрын
I think this is still superficial knowledge
@joesterling42996 жыл бұрын
I learned more about how the exploits work, but nothing to change my mind about how useless it is to obsess about them. Fact is we're screwed if anyone truly talented decides to come after our info. Vulnerabilities >>> Fixes for them
@jeffbrownstain6 жыл бұрын
Really, because this was the most useless video I've watched yet. What does knowing how these work do for anyone that isn't working to fix them? I'd much rather learn all the discrepancies between file types than how a bug that will never effect 99% of people works.
@mcrsit5 жыл бұрын
@@jeffbrownstain You obviously didn't understand the video then.
@jeffbrownstain5 жыл бұрын
mcrsit Year old video dude gtfo
@AlexanderPavel6 жыл бұрын
One important thing that was not mentioned: Meltdown (Intel specific) allows a program to read memory from anywhere on the CPU, included protected system memory. The 2 main spectre vulnerabilities can only read from the currently executing program or another program running in userspace (not system).
@pmmoj33kristoferromanvilla485 жыл бұрын
TechQuickie: “These affect almost every Intel CPU” Me at around 1:00 : “ah good thing I use AMD” TechQuickie 5 seconds later: “It also affects AMD CPUs” Me: NOOOOOO
@giovannimaranzano2925 жыл бұрын
Progamerz 18 saaaaame
@cockatoo0104 жыл бұрын
Meltdown doesn't affect AMD CPUs and 3000 series Ryzen CPUs include hardware mitigations against Spectre
@freevbucks80194 жыл бұрын
Yes but it's spectre. You're safe from meltdown
@the_danksmith1344 жыл бұрын
Me: Haha Im on my phone!!! Techquickie 1 second later: ...and even Qualcomm CPUs Me: FUUUUUUUUU....
@markind_007protocol74 жыл бұрын
Good to update regularly if theres windows update available and read it first before update
@cedricvelarde5 жыл бұрын
CPU: I can predict your next move. Spectre, Meltdown: Omae wa mou shindeiru CPU: *NANI?!*
@FarmYardGaming4 жыл бұрын
*Rather loud melting sounds*
@sidewinder34226 жыл бұрын
As I expected Modern Technology is dangerous, nothing beats my old but realiable Abacus
@Dragon229996 жыл бұрын
Franz Tinuviel how bout them space probes orbiting jupiter?
@estoor42586 жыл бұрын
Comet Streak Probably just trash we found in space
@taustyz58756 жыл бұрын
Yeah but can it run Crysis
@parasztj5 жыл бұрын
It is dangerous. Depends on acceleration.
@lennon84355 жыл бұрын
Abacus is a bit advanced for me
@3420undertaker6 жыл бұрын
2:30 Google Chrome is inacurate it needs like THE WHOLE DAM BAR!
@alfredoreconco4 жыл бұрын
I confirm as a Google Chrome user
@SnowyRVulpix4 жыл бұрын
@Revali Which is a Chromium-based browser xD I think Firefox and Safari are the only ones that aren't Chromium now.
@reckobot3 жыл бұрын
For me, who is using google chrome *with two tabs open*, I have discovered that google chrome uses up around a fat 780 mb of ram.
@ms.magenta3 жыл бұрын
I cant relate to not having enough RAM for my browser, I use Edge.
@ms.magenta3 жыл бұрын
somehow Microsoft did something right
@aR0ttenBANANA6 жыл бұрын
i aint afraid of no ghost
@uhoy14886 жыл бұрын
aR0ttenBANANA96 GHOSTBUSTERS
@SimGunther6 жыл бұрын
aR0ttenBANANA96 I ain't afraid of no sleep I ain't afraid of no bed
@MC27386 жыл бұрын
My server doesn't have this vulnerability, but my Gaming PC does :(
@samwansitdabet66306 жыл бұрын
Banking on server Fapping on battlestation Not that hard
I'm not sure what's going on, but: REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEST IN PEACE.
@hypermangi82656 жыл бұрын
BlackHat Visions REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEST IN PEACE.
This is one of the best readers digest explanations of the Spectre and Meltdown exploits I've seen so far. Bravo, Linus and the Techquickie team!
@petarpartaloski88894 жыл бұрын
As a guy who just had a subject dedicated to building processors from scratch, all of these terms seem very familiar to me, and I loved how well described the problems are in this video, just as always, Techquickie delivers!
@virusboy076 жыл бұрын
It’s not the same without tunnelbear
@ray39906 жыл бұрын
GerardoMjr what happened to tunnelbear
@drmagnusw12386 жыл бұрын
RayZr search we broke up.. linustechtips! he will tell you!
@PixelVogue6 жыл бұрын
fcukin old fukin news!
@yourick19536 жыл бұрын
lets keep it here mcafee bought tunnelbear that should say enough
@psych05366 жыл бұрын
goddamn mcafee
@JorgetePanete4 жыл бұрын
So, the CPUs are like: "Your next line will be..."
@deki98274 жыл бұрын
Oh ho
@ashii_ii4 жыл бұрын
@@deki9827 josef joster
@Jan-vv1zk6 жыл бұрын
Hands down, this was pretty amazing. Great job, Linus.
@kenstoudamire73665 жыл бұрын
Cant expect an assembly spectre exploit in a 10 min vid
@nicolasmunoz18476 жыл бұрын
The whole schematic to explain the vulnerabilities is very well put together. Nice work!
@rustyshackleford51666 жыл бұрын
6:01 Speaking of plugging holes.....buttplu.....ahem....tunnel bear!! Wanna plug the holes where your ISP can peek at your data? Use a vpn to plug your data holes. LMAO!
@burner8876 жыл бұрын
Russ Orler tunnelbear was bought by mcafee so no more tunnelbear ads lol
@rustyshackleford51666 жыл бұрын
Dadda Purple speaking of no more ads..... ADVERTISEMENT HERE!
@thischannelwillselfdestruc49776 жыл бұрын
its all pia ads now. Although I've started using IPVanish and am comfy.
@TeamTeddy6666 жыл бұрын
4:20 I think I've done this before. Right after my PC turns on, if i try to open explorer, it won't open immediately because it just turned on. But, if I try to open it again, it immediately opens 2 windows of it. I'm not sure if this would fall into this "pattern" category, but It's something I noticed.
@FireController18476 жыл бұрын
that's just lag. you hit the button twice, so it will open two windows. if you hit it once, and wait, it will only open once.
@tiosatria99196 жыл бұрын
after you turn on your pc. your disk usage will reach about 100% that's because windows memory management, cache, and all that stuff to keep your windows running. because of that, you cant access your windows explorer immediately, there's alot of data to process. here's a tip : Replace your current hdd with ssd, this will solve your problem.
@musmuk53506 жыл бұрын
There's a hole in your T-shirt Linus :/
@JRobert1111116 жыл бұрын
Or a stray piece of potato chip or some other food item.
@Jmandude56 жыл бұрын
Technically, all shirts have holes in them.
@K34nuT6 жыл бұрын
mind blown
@Czarcasm.6 жыл бұрын
I think that’s his microphone
@Deekk6 жыл бұрын
Well duh that’s where his head, arms and body go in
@Techlifeandmore4 жыл бұрын
Since Spectre must ask the CPU repeatedly to execute the instructions, the CPU could take notice of this. It could then stop executing the instructions, investigate which program is doing so, and then delete Spectre.
@stellanstafford60252 жыл бұрын
It should use windows defender to notice it
@frozenturbo86232 жыл бұрын
@@stellanstafford6025 most OS don't have windows defender
@Kneedragon19626 жыл бұрын
One consolation about Spectre & Meltdown. We've been hearing (a lot) about these vulns that will end life as we know it, but so far, (as far as I know), there has not been a single malicious example used in the wild, anywhere, any time, by anyone against anyone. The Y2K bug was lot more real and present and easy to demonstrate... I'm not saying they can't be used in the wild, but we've heard a hell of a lot about them, but after 4 or 5 months, there's still not been a single case of anyone catching gonorrhoea off a toilet seat.
@shudidesai6 жыл бұрын
Good job, can't imagine how hard this was to make, simplifying and compressing technical information like this is truly impressive. Give my regards to the script writer.
@remirms22396 жыл бұрын
Lol, my name really is Jeff and I live in N.Y. I own an i7 4770k though, not an i5 4670k.😋
@haas1706 жыл бұрын
Sure it’s not Rémi?
@remirms22396 жыл бұрын
Qyndryx Yeah because my Surname would be *Rooms* ...
@Minecrafted9076 жыл бұрын
My name jeff
@Twatical6 жыл бұрын
Checked my steam like 10 times whilst watching this video
@EREMIT-DE4 жыл бұрын
Could you enlighten me? Also have Steam, just be online there once a month for new games. And then just single player rpg, as I am married 😂 Have no clue why someone even would go online on steam once a day...
@NobbsAndVagene4 жыл бұрын
@@EREMIT-DE Because they play a lot of games?
@EREMIT-DE4 жыл бұрын
@@NobbsAndVagene Cool answer, so they play a lot of games and that is why they checking steam 10 times a day instead of playing a lot of games... so... if someone has a real answer... still no clue ^^ are you watching comments on games or have some forums I still not know about...?
@Mugetsu_Gaming4 жыл бұрын
@@EREMIT-DE because the video had a lot of sound effects similar to that of which steam uses.
@missingno24014 жыл бұрын
bro i have no steam friends i dont have such weaknesses
@bas75456 жыл бұрын
Could you talk about the Cambridge analytica scandal?
@zyyyper24596 жыл бұрын
Bas 7 its more a political topic than anything else
@TROONTRON6 жыл бұрын
We have all known about facebook selling our personal info for years, yet only now do people seem to care...
@Shuvojit696 жыл бұрын
It's just Facebook, Twitter selling data to a company that then does shit.. Thats what I understood 🙂
@bas75456 жыл бұрын
nigga what yeah that's true
@SpartanDusk6 жыл бұрын
T.S that’s not the issue, it’s the fact that Cambridge will also take your friends info and sell it. It’s like your friend had sex with a skank and you got their aids as well. It’s probably worth for them but not for you
@monkeywithocd6 жыл бұрын
6:25 - That really needs more explanation. Are you saying it would load into memory and then delete the executable, and then maybe put the executable back on the hard drive if it detected the system was being shut down?
@windCR6 жыл бұрын
Solution: USE A INTEL i386 processor! (iT'S MADE BEFORE 1995 RIGHT? Or am I dumb? =/)
@KWatson19846 жыл бұрын
386 came out in late 1985. 1995 was Pentium Pro.
@DJMavis6 жыл бұрын
Ah, 33Mhz.
@frozenturbo86232 жыл бұрын
@@DJMavis should be enough for the rtx 3070
@kayleighmoore69514 жыл бұрын
1:19 But what about consoles and refrigerators?
@user-ok4pk2mp3e6 жыл бұрын
I was watching this on my newly bought Sceptre monitor and freaking out until I realized it's just an anagram.
@doncosner26113 жыл бұрын
This is the best explanation of these vulnerabilities I have heard! Nice job!
@gamboodle6 жыл бұрын
"Knock knock!" *Branch prediction* "Who's there?"
@HectorDomino.6 жыл бұрын
Thanks man, you have no idea how helpful your AFAP videos are. Cheers!
@larrylentini56886 жыл бұрын
You say I'll notice when my bank account is empty, but that's my secret. My bank account is *always* empty.
@pokegamerXD6 жыл бұрын
So Spectre is a class of meltdown attacks or why does the article at 5:02 address speculative execution once again? They don't seem to mention the branch predictor though.
@Matin_M6 жыл бұрын
Who thought their *Steam* was going off during this video? xD
@canofbeans94555 жыл бұрын
me :(
@MWLLxUnderTaker6 жыл бұрын
My comp is protected by Drax! His reflexes are so fast nothing would go over his head!
@handymani45026 жыл бұрын
The power of christ compels you - spectre the ghost flys out of pc -
@joesterling42996 жыл бұрын
6:22 - "All you can really do is be careful what you click on out there." That's all we can ever really do. (Well, sanitizing with script blockers also helps.) Security holes spring up faster than the plugs for them.
@sroku76734 жыл бұрын
"Why are Spectre and Meltdown so dangerous?" Mindustry players: indeed they are
@Mik-kv8xx3 жыл бұрын
Dont say the forbidden names!
@pendingchange37763 жыл бұрын
laughs in meltdown wall
@martincaller13443 жыл бұрын
laughs in infinite wall health
@HellcatGamin4 жыл бұрын
Is it not possible to to code a software that tells the processor to check for a certain code before allowing it to do anything whatsoever?
@V0TION6 жыл бұрын
4:21 Who else checked Steam??
@xXConsmariosXx6 жыл бұрын
2:10 i checked steam xD
@danielediedrichs84786 жыл бұрын
It's not really the same Sound
@Dac_DT_MKD4 жыл бұрын
Change your name asshole
@V0TION4 жыл бұрын
@@Dac_DT_MKD no I don't think I will
@Dac_DT_MKD4 жыл бұрын
@@V0TION Change it, it disrupts scrolling on the page
@lordmarshmal_06434 жыл бұрын
Being a guy that plays Mindustry, a Factorio-like game, I got confused like "Wait are we really analyzing these 2 end-game turrets" and I got dragged into just as informative a rabbit hole Mindustry V1 wasn't even a thing at the time this was uploaded, haha
@brentsnocomgaming78136 жыл бұрын
Thank you for developing meltdown and spectre, NSA
@as7river5 жыл бұрын
6:41 you can see he's ridiculously proud of the segway he just came up with.
@feketetv6 жыл бұрын
a bit late, Linus
@ReapeX6 жыл бұрын
better than never
@PKGangsta186 жыл бұрын
i think he is laying it out on Jump St for those who keep asking him what the exploits instead of googling it for themselves lol
@CaveyMoth6 жыл бұрын
But at least his descriptions of the vulnerabilities are more detailed than in some other KZbinrs' videos.
@NoNameAtAll26 жыл бұрын
More like a byte
@ko-Daegu6 жыл бұрын
Cavey Manta No one is better then ComputerPhile + There are mistakes in what CPU are vul ... go and read the sec paper or visit the website they layout the vul easily and you would know
@danielblack41904 жыл бұрын
Actual question here: how do specter and meltdown know how fast certain data from certain memory addresses get loaded in if they don't have access to the data in the first place, and so, don't know when they would otherwise get it?
@prowhiskey26786 жыл бұрын
Great explanation!
@elgsquilliam6 жыл бұрын
The tech quickie intro is so good. I forgot about it, since I've been watching all vids in Floatplane
@tecker74546 жыл бұрын
"[Spectre] will dump the information the attacker wants into cache" Cache as well as cash $$$ 😬
@tzint566 жыл бұрын
glad i learned more about assembly and internal operations of a CPU. all of this makes a ton of sense. it's a way of deducting data at a memory address instead of asking for it directly (which will give a segmentation fault because the memory address it's asking for is outside of the program's "virtual memory", basically its partitioned area / sandbox that it plays in). seems to exploit cpu registers, wouldn't surprise me if this video explains it a little off just so that it's easier to explain. it'd be hard to write an assembly-level bug that utilizes any kind of inference of data, but then again it could probably be done in C, but i doubt it would be
@1stfloorguy596 жыл бұрын
Intel said the chips are working as designed though
@samwansitdabet66306 жыл бұрын
It is ABOUT to be patched.
@m3talgame206 жыл бұрын
Yes, they are working perfectly to NSA's specifications...
@Teixas6666 жыл бұрын
in a sense they are the exploit is a result of a feature of all modern Cpu's, issue was that intel prefered ot leave ppl in the dark when they knew the issue was now exploitable
@matthewday75656 жыл бұрын
Wasn't quite sure of the scope, whether it meant fishing with half a chance, or if it could target particular data. One thing that seems clear, the two vulnerabilities will not help to gain access initially, but could be used by malware that has already entered, or by a malicious user on a shared system
@chocobro76 жыл бұрын
Welp, time to bust out the old 486!
@sulphurous26565 жыл бұрын
"Here's what you won't get on your 486!"
@Elijah25 жыл бұрын
At 4:22, “This guy really likes x+y” LOL! And the barking CPU
@gereral1_jackofalltrades6 жыл бұрын
Spectre meltdown fix. Remove Internet lol
@kepalaketukrandom73116 жыл бұрын
No just use nokia 3310
@alexxela90576 жыл бұрын
so the bios updates for the newer motherboards besically just disable that predictive processing feature? (which results in a slower cpu) or did they fix it in a different way?
@romulino6 жыл бұрын
photoshop using less ram than chrome? 🤣
@JohnCena-hu3jq5 жыл бұрын
People who made these are literally mad genius.
@dylanoonk64564 жыл бұрын
2:26 this is totally unreasonable Linus! You're a tech person, I wouldn't thing that you of all people would make this mistake!! 1 ram stick per google chrome tab
@anch953 жыл бұрын
Why can the malware even analyse the timings on the CPU for commands it isn't supposed to(and can't) see?
@jumpierwolf6 жыл бұрын
Could those exploits be used on game consoles to run homebrew?
@Ardkun006 жыл бұрын
Yes, but it would require some customization.
@HP97user6 жыл бұрын
no... that's not how any of this works... this is reading memory, not running an os
@allanlansdowne3406 жыл бұрын
Only if you are connected to the internet.
@xGatoDelFuegox6 жыл бұрын
Watching this after taran said he gave the malwares their own "personalities"...great touch :)
@PeteSinHouston6 жыл бұрын
Brought to you by the good folks at the NSA (and the University of Wisconsin). A feature, not a bug.
@StormyHotwolf886 жыл бұрын
Very good explanation. The animation was good too ^_^. It's a shame the video kept stopping on me every few seconds, but I got through it!
@spectrefour24046 жыл бұрын
I'm still wondering why my name was used for a security bug.
@samwansitdabet66306 жыл бұрын
Cus it sound cool
@spectrefour24046 жыл бұрын
Sam Wansitdabet that's why I picked it
@spectrefour24046 жыл бұрын
CommanderRE I also have an AMD processor. Coincidence?
@EndorsedAura6 жыл бұрын
SpectreFour I think not.
@kaiwenyu65196 жыл бұрын
It is so clever to figure this bug out. So much fun understanding Meltdown!
@inidjilin6 жыл бұрын
Who the hell cares about someone being the first of a video
@hobomisanthropus24146 жыл бұрын
Spectre is incredibly impractical to exploit. It can really only be used effectively against task-specific machines since the standard home user machine has so much junk data. This supposedly makes it a very useful exploit to steal hashing addresses and wipe out crypto wallets though. Enterprise servers that process payments are ripe targets as well.
@xavierssounds32326 жыл бұрын
Only one of you were first.
@angelodou6 жыл бұрын
First
@joeldeakin20036 жыл бұрын
First
@joeldeakin20036 жыл бұрын
Galvatron I said it for a joke here
@bibasik76 жыл бұрын
*Blue shell*
@beaminyo_rblx5 жыл бұрын
Those noises from the viruses are enough to give me nightmares and make me not download anything off the web again...
@prestonferry6 жыл бұрын
This was kinda a late video.
@antiseth39646 жыл бұрын
Wrote a paper on this, so it's interesting to understand what he's talking about in this case. These flaws are game-changing for microarchitecture design.
@dominikgoslawski6276 жыл бұрын
time to change my passwords to some 10 word sentences
@Ardkun006 жыл бұрын
Don't say that or attackers will know the method to crack you.
@MLWJ19936 жыл бұрын
Dominik Goslawski Problem is they get cached anyway...
@trentonpaul63766 жыл бұрын
woah this video is far better than the rest on this channel (I want to see more videos like this)
@marekvrbka6 жыл бұрын
*Laughs in AMD*
@danielhn936 жыл бұрын
Marcuss2 AMD master race
@ivan______________________40026 жыл бұрын
AMD budget race
@somealtidklol31906 жыл бұрын
*cries in coffee lake*
@cicciobombo74966 жыл бұрын
Hans Von Witzland that's still 50% less major vulnerability issues than intel
@kataja346 жыл бұрын
Laughs in RYZEN
@MageThief6 жыл бұрын
Great video, it really breaks down the whole issue in a simple way.
@donny60034 жыл бұрын
Wow I'm impressed, this video actually got down into pretty technical subjects
@justinkinter86515 жыл бұрын
What about a CPU that in the beginning works on a speculative level, but as the user uses the CPU and it begins to see the regular patterns of the user the speculative branch becomes cemented in a way, basically it learns about the user then once it has the patterns down it just completely shuts down that branch, it basically works it way into becoming a CPU optimized for that particular user.. I know it's not the best solution but it might work sonewhat. Please tell me why this wouldn't work, I know there has to be some reason it wouldn't. I'm guessing that the things the CPU speculates about are just way too broad to make it be any permanent pattern or anything like that, what if it was on a per program basis however?
@android1755 жыл бұрын
Justin Kinter Imagine CC information that is then permanently set on the cpu, it doesnt solve specter and meltdown, it does the opposite.
@justinkinter86515 жыл бұрын
Carlos Espindola yeah but dont they both exploit the actual running process, so if that process was no longer running wouldn’t they be rendered moot? You might have to explain more in depth for me because i literally dont really know anything about this stuff and this whole thing was just kind of a random thought i had lol
@KeppyKep6 жыл бұрын
Nice writing and editing, team
@gFamWeb6 жыл бұрын
Thank you for actually explaining what it does in detail.
@anasmohamad864 жыл бұрын
Linus during the video:😐🙂 Linus during ads: 😄😁
@mixchief6 жыл бұрын
So if your CPU has contracted one of these, will they be removable by some method, or would you bin the CPU for good?
@RinaldoJonathan6 жыл бұрын
1:53 I thought that was steam chat. damn
@attackLive6 жыл бұрын
Will Gen 2 Threadripper have it fixed?
@EdyDev4 жыл бұрын
I like how at 2:35 PhotoShop eats up more RAM than Chrome ;))))
@hedlund6 жыл бұрын
You may have done this already, but if not: I'd really love to see a vlog or WAN Show segment regarding these vulns. Aside from wanting your personal opinion(s) on the whole spectacle, I want to know if you've any tips for us, because I'm sure I'm not alone in having less-than-savvy relatives and friends who are damn near guaranteed to achieve said meltdown in record time, and I really don't know how to begin explaining this to them.
@StefsEngineering6 жыл бұрын
Excellent informative video! Thanks Linus (& Co)!
@authorised_creature6 жыл бұрын
Virus Program: Hey, can I see the contents of memory address #17? Ghetto CPU: Fuck you, I aint giving u shit
@Dakktyrel6 жыл бұрын
Both of these require a persistent threat that has already defeated any security features (AV, IDS, IPS) installed. So the threat is there...but if an attacker has already compromised your device or network....Spectre and Meltdown will be the hard way to get what they already have access to.
@muff1n364 жыл бұрын
Techquickie: it infects computer CPU’s Me around 1:00: good thing im watching this on a tablet ;-; Techquickie: IT EVEN INFECTS SMARTPHONES Me: NOOOOOOOOOOOOOOOOOOOO
@darkcreature97556 жыл бұрын
Linus could you please make a video talking about differences between C++ and C# and which one is better.
@DucktatorD6 жыл бұрын
do antivirus programs and firewalls provide any protection against this? or is this just far out of their use?
@KrisMcCool4 жыл бұрын
Ah well good luck trying to extract bank account from my computer that doesn’t even have a bank account.
@TheBardsCorner6 жыл бұрын
How do these malware come into your computer? Is there any anti-malware that would check and disable them?
@vega12876 жыл бұрын
so why dosn't the cpu save the result in a part of memory and dosnt allow to continue until authorized to do so otherwhise the result will just get deleted imediatly and in the time that is leftz over after saving the result it starts to work on something else and wont allow the ame programm to read this memory but allow the programm to do other stuff as long as they don't need the result of the previous operation but they will be allowed to do so if it is confirmed that the programm is authorized to do so
@Kie-70776 жыл бұрын
For a exploit to work you'd have to aim your attack at a particular payment system such as paypal US. And you'd need your code to be running whilst the person is logging in and you'd need the login data to stay in place for long enough for your slow code to grab it and grabbing it sounds very difficult to me, I'd be very surprised if we ever saw a successful exploit in the wild. There is also the question of whether your code is going to work on more than one CPU architecture, you may have to limit it to a particular model of CPU (or small range).