Why are Spectre and Meltdown So Dangerous?
Рет қаралды 1,148,757
6 жыл бұрынSquarespace link: Visit squarespace.com/techquickie and use offer code TECHQUICKIE to save 10% off your first order.
Spectre and Meltdown are security flaws that, between them, affect nearly all of the world's PCs and smartphones! How did this happen, and what makes these bugs so sinister?
Techquickie Merch Store: www.designbyhumans.com/shop/L...
Techquickie Movie Poster: shop.crowdmade.com/collection...
Follow: / linustech
Leave a reply with your requests for future episodes, or tweet them here: / jmart604
Join the community: linustechtips.com
Intro Theme: Showdown by F.O.O.L from Monstercat - Best of 2016
Video Link: • Monstercat - Best of 2...
iTunes Download Link: itunes.apple.com/us/album/mon...
Listen on Spotify: open.spotify.com/album/5Zt1P3...
@tonydas999 6 жыл бұрын
Why do vulnerabilities always get such cool names?
@DerEwigeWanderer 6 жыл бұрын
there was once a worm called "conficker". in german, "ficker" means "fucker" :)
@potatopobobot4231 6 жыл бұрын
Like aids?
@Wonky2 6 жыл бұрын
And why did they get such pretty logos?
@TestiEsti123 6 жыл бұрын
Probably the same reason as why storms get Human names. Easy to remember
@ref3665 6 жыл бұрын
Yeah, CVE-2018-7600 is a really cool name.
@1stfloorguy59 6 жыл бұрын
It's a good thing my bank account is always empty
@IV_Cornec 6 жыл бұрын
1stfloorguy I feel ya
@drmegaman 6 жыл бұрын
fucking steam
@rdln4313 6 жыл бұрын
Dr Megaman more like fucking mundaine life shit to buy
@drmegaman 6 жыл бұрын
Lou D yeah, I said Steam because I thought that'd be funnier but it really is amazing how much little random stuff adds up
@RettigJ 6 жыл бұрын
That is normal. (For ~8/10 Americans -Dave Ramsey)
@moth.monster 6 жыл бұрын
Wow, someone finally actually explained what the fucking bugs do. Thank you. I was getting tired of people just saying "Oh it's bad" and not actually caring about what it really does
@m3talgame20 6 жыл бұрын
you are more likely to encounter a dinosaur than a meltdown or spectre exploit
@Mik-kv8xx 3 жыл бұрын
@@m3talgame20 how do you know?
@justacasualgamer1957 3 жыл бұрын
@@m3talgame20 can you explain how
@VeryBigExplosion 3 жыл бұрын
@@m3talgame20 *Last Online 3 years ago*
@m3talgame20 3 жыл бұрын
@@VeryBigExplosion hmm old video it seems. I'd be more worried about china
@RmwPathricc 4 жыл бұрын
Meltdown and Spectre can also attack your phone processor Me : *laugh in nokia 3310*
@the_danksmith134 4 жыл бұрын
I hope they wont attack it cause that would cause a megagalactic explosion!!! Nokia 3310 is a serious weapon!
@missingno2401 3 жыл бұрын
nokia 3310 = the halo array dont do it, were all gonna die
@JohnSmith-xq1pz 3 жыл бұрын
Plz don't drop it
@JohnSmith-xq1pz 3 жыл бұрын
@@the_danksmith134 No kidding little known fact they powered both DeathStars
@michakrzyzanowski8554 3 жыл бұрын
@@JohnSmith-xq1pz linus shouldn't carry it
@Matthigast 6 жыл бұрын
You didn't give enough ram to chrome, ffs Linus!
@JonatasAdoM 6 жыл бұрын
He closed the tabs in chrome's task manager
@dagg497 6 жыл бұрын
Chrome 💕 RAM And the internet Tabs get super tiny with no text, so I'll never leave Firefox.
@Hydr8Man 6 жыл бұрын
Good thing my school uses MacBooks *AND CHROME* and the teachers are always wondering why the laptops are so slow
@Ferotiq 5 жыл бұрын
matthigast that’s every teacher but they only have 2gigs of ram XD
@itsmetheherpes1750 5 жыл бұрын
what the heck is specter and meltdown ?
@aR0ttenBANANA 6 жыл бұрын
i aint afraid of no ghost
@uhoy1488 6 жыл бұрын
aR0ttenBANANA96 GHOSTBUSTERS
@SimGunther 6 жыл бұрын
aR0ttenBANANA96 I ain't afraid of no sleep I ain't afraid of no bed
@MC2738 6 жыл бұрын
My server doesn't have this vulnerability, but my Gaming PC does :(
@samwansitdabet6630 6 жыл бұрын
Banking on server Fapping on battlestation Not that hard
@simontay4851 6 жыл бұрын
Who you gonna call...
@pmmoj33kristoferromanvilla48 4 жыл бұрын
TechQuickie: “These affect almost every Intel CPU” Me at around 1:00 : “ah good thing I use AMD” TechQuickie 5 seconds later: “It also affects AMD CPUs” Me: NOOOOOO
@giovannimaranzano292 4 жыл бұрын
Progamerz 18 saaaaame
@cockatoo010 4 жыл бұрын
Meltdown doesn't affect AMD CPUs and 3000 series Ryzen CPUs include hardware mitigations against Spectre
@freevbucks8019 4 жыл бұрын
Yes but it's spectre. You're safe from meltdown
@the_danksmith134 4 жыл бұрын
Me: Haha Im on my phone!!! Techquickie 1 second later: ...and even Qualcomm CPUs Me: FUUUUUUUUU....
@markind_007protocol7 4 жыл бұрын
Good to update regularly if theres windows update available and read it first before update
@PedroOjeda 6 жыл бұрын
This was probably the best Techquickie video. I actually learned something instead of just getting a lot superficial knowledge
@masoluboxD 6 жыл бұрын
I think this is still superficial knowledge
@joesterling4299 6 жыл бұрын
I learned more about how the exploits work, but nothing to change my mind about how useless it is to obsess about them. Fact is we're screwed if anyone truly talented decides to come after our info. Vulnerabilities >>> Fixes for them
@jeffbrownstain 6 жыл бұрын
Really, because this was the most useless video I've watched yet. What does knowing how these work do for anyone that isn't working to fix them? I'd much rather learn all the discrepancies between file types than how a bug that will never effect 99% of people works.
@mcrsit 5 жыл бұрын
@@jeffbrownstain You obviously didn't understand the video then.
@jeffbrownstain 5 жыл бұрын
mcrsit Year old video dude gtfo
@LBSiUK 3 жыл бұрын
Fun fact!: Early Intel Atom processors (the ones in netbooks from 2008-2010, like the n270 and n450) don't support speculative execution and therefore aren't vulnerable to Spectre/Meltdown.
@Afif87123 2 жыл бұрын
when its so bad that virus wont even bother to infect it
@ZaHandle 2 жыл бұрын
Security through lack of features
@Ale-bj7nd 2 жыл бұрын
The best CPUs ever made
@ProcessedDigitally Жыл бұрын
@@ZaHandle lol good one
@AlexanderPavel 6 жыл бұрын
One important thing that was not mentioned: Meltdown (Intel specific) allows a program to read memory from anywhere on the CPU, included protected system memory. The 2 main spectre vulnerabilities can only read from the currently executing program or another program running in userspace (not system).
@3420undertaker 6 жыл бұрын
2:30 Google Chrome is inacurate it needs like THE WHOLE DAM BAR!
@alfredoreconco 3 жыл бұрын
I confirm as a Google Chrome user
@SnowyRVulpix 3 жыл бұрын
@Revali Which is a Chromium-based browser xD I think Firefox and Safari are the only ones that aren't Chromium now.
@reckobot 3 жыл бұрын
For me, who is using google chrome *with two tabs open*, I have discovered that google chrome uses up around a fat 780 mb of ram.
@ms.magenta 3 жыл бұрын
I cant relate to not having enough RAM for my browser, I use Edge.
@ms.magenta 3 жыл бұрын
somehow Microsoft did something right
@sidewinder3422 6 жыл бұрын
As I expected Modern Technology is dangerous, nothing beats my old but realiable Abacus
@Dragon22999 6 жыл бұрын
Franz Tinuviel how bout them space probes orbiting jupiter?
@estoor4258 6 жыл бұрын
Comet Streak Probably just trash we found in space
@taustyz5875 5 жыл бұрын
Yeah but can it run Crysis
@parasztj 5 жыл бұрын
It is dangerous. Depends on acceleration.
@lennon8435 4 жыл бұрын
Abacus is a bit advanced for me
@cedricvelarde 4 жыл бұрын
CPU: I can predict your next move. Spectre, Meltdown: Omae wa mou shindeiru CPU: *NANI?!*
@FarmYardGaming 4 жыл бұрын
*Rather loud melting sounds*
@herrreinsch 6 жыл бұрын
*4:26** the barking cpu, I'm dead.* 😂
@blackhatvisions 6 жыл бұрын
normie
@ZargAtHome 6 жыл бұрын
BlackHat Visions REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
@seppmartti 6 жыл бұрын
I'm not sure what's going on, but: REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEST IN PEACE.
@hypermangi8265 6 жыл бұрын
BlackHat Visions REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEST IN PEACE.
@kmical1564 6 жыл бұрын
BlackHat Visions REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
@JorgetePanete 4 жыл бұрын
So, the CPUs are like: "Your next line will be..."
@deki9827 3 жыл бұрын
Oh ho
@ashii_ii 3 жыл бұрын
@@deki9827 josef joster
@musmuk5350 6 жыл бұрын
There's a hole in your T-shirt Linus :/
@JRobert111111 6 жыл бұрын
Or a stray piece of potato chip or some other food item.
@Jmandude5 6 жыл бұрын
Technically, all shirts have holes in them.
@K34nuT 6 жыл бұрын
mind blown
@Czarcasm. 6 жыл бұрын
I think that’s his microphone
@Deekk 6 жыл бұрын
Well duh that’s where his head, arms and body go in
@virusboy07 6 жыл бұрын
It’s not the same without tunnelbear
@ray3990 6 жыл бұрын
GerardoMjr what happened to tunnelbear
@drmagnusw1238 6 жыл бұрын
RayZr search we broke up.. linustechtips! he will tell you!
@PixelVogue 6 жыл бұрын
fcukin old fukin news!
@yourick1953 6 жыл бұрын
lets keep it here mcafee bought tunnelbear that should say enough
@psych0536 6 жыл бұрын
goddamn mcafee
@Jan-vv1zk 6 жыл бұрын
Hands down, this was pretty amazing. Great job, Linus.
@kenstoudamire7366 4 жыл бұрын
Cant expect an assembly spectre exploit in a 10 min vid
@petarpartaloski8889 4 жыл бұрын
As a guy who just had a subject dedicated to building processors from scratch, all of these terms seem very familiar to me, and I loved how well described the problems are in this video, just as always, Techquickie delivers!
@nicolasmunoz1847 6 жыл бұрын
The whole schematic to explain the vulnerabilities is very well put together. Nice work!
@Robo4720011 6 жыл бұрын
This is one of the best readers digest explanations of the Spectre and Meltdown exploits I've seen so far. Bravo, Linus and the Techquickie team!
@Twatical 6 жыл бұрын
Checked my steam like 10 times whilst watching this video
@EREMIT-DE 4 жыл бұрын
Could you enlighten me? Also have Steam, just be online there once a month for new games. And then just single player rpg, as I am married 😂 Have no clue why someone even would go online on steam once a day...
@NobbsAndVagene 4 жыл бұрын
@@EREMIT-DE Because they play a lot of games?
@EREMIT-DE 4 жыл бұрын
@@NobbsAndVagene Cool answer, so they play a lot of games and that is why they checking steam 10 times a day instead of playing a lot of games... so... if someone has a real answer... still no clue ^^ are you watching comments on games or have some forums I still not know about...?
@Mugetsu_Gaming 4 жыл бұрын
@@EREMIT-DE because the video had a lot of sound effects similar to that of which steam uses.
@missingno2401 3 жыл бұрын
bro i have no steam friends i dont have such weaknesses
@doncosner2611 3 жыл бұрын
This is the best explanation of these vulnerabilities I have heard! Nice job!
@windCR 6 жыл бұрын
Solution: USE A INTEL i386 processor! (iT'S MADE BEFORE 1995 RIGHT? Or am I dumb? =/)
@KWatson1984 6 жыл бұрын
386 came out in late 1985. 1995 was Pentium Pro.
@DJMavis 6 жыл бұрын
Ah, 33Mhz.
@frozenturbo8623 2 жыл бұрын
@@DJMavis should be enough for the rtx 3070
@rustyshackleford5166 6 жыл бұрын
6:01 Speaking of plugging holes.....buttplu.....ahem....tunnel bear!! Wanna plug the holes where your ISP can peek at your data? Use a vpn to plug your data holes. LMAO!
@burner887 6 жыл бұрын
Russ Orler tunnelbear was bought by mcafee so no more tunnelbear ads lol
@rustyshackleford5166 6 жыл бұрын
Dadda Purple speaking of no more ads..... ADVERTISEMENT HERE!
@thischannelwillselfdestruc4977 6 жыл бұрын
its all pia ads now. Although I've started using IPVanish and am comfy.
@remirms2239 6 жыл бұрын
Lol, my name really is Jeff and I live in N.Y. I own an i7 4770k though, not an i5 4670k.😋
@haas170 6 жыл бұрын
Sure it’s not Rémi?
@remirms2239 6 жыл бұрын
Qyndryx Yeah because my Surname would be *Rooms* ...
@Minecrafted907 6 жыл бұрын
My name jeff
@HectorDomino. 6 жыл бұрын
Thanks man, you have no idea how helpful your AFAP videos are. Cheers!
@bas7545 6 жыл бұрын
Could you talk about the Cambridge analytica scandal?
@zyyyper2459 6 жыл бұрын
Bas 7 its more a political topic than anything else
@TROONTRON 6 жыл бұрын
We have all known about facebook selling our personal info for years, yet only now do people seem to care...
@Shuvojit69 6 жыл бұрын
It's just Facebook, Twitter selling data to a company that then does shit.. Thats what I understood 🙂
@bas7545 6 жыл бұрын
nigga what yeah that's true
@SpartanDusk 6 жыл бұрын
T.S that’s not the issue, it’s the fact that Cambridge will also take your friends info and sell it. It’s like your friend had sex with a skank and you got their aids as well. It’s probably worth for them but not for you
@prowhiskey2678 6 жыл бұрын
Great explanation!
@Techlifeandmore 3 жыл бұрын
Since Spectre must ask the CPU repeatedly to execute the instructions, the CPU could take notice of this. It could then stop executing the instructions, investigate which program is doing so, and then delete Spectre.
@stellanstafford6025 2 жыл бұрын
It should use windows defender to notice it
@frozenturbo8623 2 жыл бұрын
@@stellanstafford6025 most OS don't have windows defender
@MageThief 6 жыл бұрын
Great video, it really breaks down the whole issue in a simple way.
@shudidesai 6 жыл бұрын
Good job, can't imagine how hard this was to make, simplifying and compressing technical information like this is truly impressive. Give my regards to the script writer.
@Kneedragon1962 6 жыл бұрын
One consolation about Spectre & Meltdown. We've been hearing (a lot) about these vulns that will end life as we know it, but so far, (as far as I know), there has not been a single malicious example used in the wild, anywhere, any time, by anyone against anyone. The Y2K bug was lot more real and present and easy to demonstrate... I'm not saying they can't be used in the wild, but we've heard a hell of a lot about them, but after 4 or 5 months, there's still not been a single case of anyone catching gonorrhoea off a toilet seat.
@dvijbarot 6 жыл бұрын
Great work guys....keep it up... Big fan!!!
@StefsEngineering 6 жыл бұрын
Excellent informative video! Thanks Linus (& Co)!
@gFamWeb 6 жыл бұрын
Thank you for actually explaining what it does in detail.
@feketetv 6 жыл бұрын
a bit late, Linus
@ReapeX 6 жыл бұрын
better than never
@PKGangsta18 6 жыл бұрын
i think he is laying it out on Jump St for those who keep asking him what the exploits instead of googling it for themselves lol
@CaveyMoth 6 жыл бұрын
But at least his descriptions of the vulnerabilities are more detailed than in some other KZbinrs' videos.
@NoNameAtAll2 6 жыл бұрын
More like a byte
@ko-Daegu 6 жыл бұрын
Cavey Manta No one is better then ComputerPhile + There are mistakes in what CPU are vul ... go and read the sec paper or visit the website they layout the vul easily and you would know
@handymani4502 6 жыл бұрын
The power of christ compels you - spectre the ghost flys out of pc -
@elgsquilliam 6 жыл бұрын
The tech quickie intro is so good. I forgot about it, since I've been watching all vids in Floatplane
@filmgbg 6 жыл бұрын
Really good video. Thanks for explaining in such a detailed way.
@user-ok4pk2mp3e 6 жыл бұрын
I was watching this on my newly bought Sceptre monitor and freaking out until I realized it's just an anagram.
@gamboodle 6 жыл бұрын
"Knock knock!" *Branch prediction* "Who's there?"
@kaiwenyu6519 6 жыл бұрын
It is so clever to figure this bug out. So much fun understanding Meltdown!
@zombl337og 6 жыл бұрын
I love these videos, they answer so many of my tech questions!
@Matin_M 6 жыл бұрын
Who thought their *Steam* was going off during this video? xD
@canofbeans9455 4 жыл бұрын
me :(
@brentsnocomgaming7813 6 жыл бұрын
Thank you for developing meltdown and spectre, NSA
@levifzephyr 6 жыл бұрын
Thanks for those explanations !
@JohnSmith-nc9ep 6 жыл бұрын
Thank you for this Linus. Very helpful.
@sroku7673 4 жыл бұрын
"Why are Spectre and Meltdown so dangerous?" Mindustry players: indeed they are
@Mik-kv8xx 3 жыл бұрын
Dont say the forbidden names!
@pendingchange3776 3 жыл бұрын
laughs in meltdown wall
@martincaller1344 3 жыл бұрын
laughs in infinite wall health
@V0TION 6 жыл бұрын
4:21 Who else checked Steam??
@xXConsmariosXx 5 жыл бұрын
2:10 i checked steam xD
@danielediedrichs8478 5 жыл бұрын
It's not really the same Sound
@DacLMK 4 жыл бұрын
Change your name asshole
@V0TION 4 жыл бұрын
@@DacLMK no I don't think I will
@DacLMK 4 жыл бұрын
@@V0TION Change it, it disrupts scrolling on the page
@Elijah2 5 жыл бұрын
At 4:22, “This guy really likes x+y” LOL! And the barking CPU
@MWLLxUnderTaker 6 жыл бұрын
My comp is protected by Drax! His reflexes are so fast nothing would go over his head!
@larrylentini5688 6 жыл бұрын
You say I'll notice when my bank account is empty, but that's my secret. My bank account is *always* empty.
@tecker7454 6 жыл бұрын
"[Spectre] will dump the information the attacker wants into cache" Cache as well as cash $$$ 😬
@sammorrow8420 6 жыл бұрын
Wow that was a very complicated subject made simple, thank you Linus. 😄
@william_mazza 6 жыл бұрын
Thank for the explaination Linus
@nocturnalnights27 6 жыл бұрын
Welp, time to bust out the old 486!
@sulphurous2656 4 жыл бұрын
"Here's what you won't get on your 486!"
@HShango 6 жыл бұрын
I am not vulnerable to meltdown, but I'm for sure vulnerable to spectre, despite me downloading the microcode updates to mitigate spectre. My CPU is a Haswell i7 4700hq btw.
@SnoutBaron 6 жыл бұрын
Moses Jonson IIRC there are 2 Spectre updates. The Microsoft microcode update is for variant 2. To patch Spectre fully, your motherboard manufacturer needs to release a patched BIOS. FYI If your laptop is MSI, then drop them a support ticket and they will work on a fix upon request.
@NoorquackerInd 6 жыл бұрын
"microcode updates" Are you a Linux user?
@SweMisterB 6 жыл бұрын
Support ticket to get patches.. Pfff. MSI straight up said they wont patch anything older then 2 gens back, and if they changed their policy, this has certainly not been communicated to the owners of motherboards, or laptops from them. Not that it's much different for anyone else, regardless of brand.
@HTR92 6 жыл бұрын
Second that you need BIOS update ^^^^ Happy that Asrock is on top of this for my z97 as I thought they were going to ignore me
@SweMisterB 6 жыл бұрын
Impressive. Most other brands haven't updated that far back. And wont.
@kperkins1982 6 жыл бұрын
Great video, this is a perfect topic for tech quickie, complex but broken down easily and now I am both better for understanding it, (and sad that I do)
@RadioactiveBlueberry 6 жыл бұрын
Great visual presentation. Bravo!
@romulino 6 жыл бұрын
photoshop using less ram than chrome? 🤣
@1stfloorguy59 6 жыл бұрын
Intel said the chips are working as designed though
@samwansitdabet6630 6 жыл бұрын
It is ABOUT to be patched.
@m3talgame20 6 жыл бұрын
Yes, they are working perfectly to NSA's specifications...
@Teixas666 6 жыл бұрын
in a sense they are the exploit is a result of a feature of all modern Cpu's, issue was that intel prefered ot leave ppl in the dark when they knew the issue was now exploitable
@donny6003 4 жыл бұрын
Wow I'm impressed, this video actually got down into pretty technical subjects
@ShanMichaelEscasio 5 жыл бұрын
Wow. Thanks for the info! Linus, didn't regret subscribing! Learned a lot from you. 😎
@gereral1_jackofalltrades 6 жыл бұрын
Spectre meltdown fix. Remove Internet lol
@kepalaketukrandom7311 5 жыл бұрын
No just use nokia 3310
@clorox9731 6 жыл бұрын
Linussponspertips
@mattparsons2 6 жыл бұрын
sponsor*
@tonipejic2645 6 жыл бұрын
Sponsored by who? Neither intel nor amd would brag about security holes in their cpu-s...
@StormyHotwolf88 6 жыл бұрын
Very good explanation. The animation was good too ^_^. It's a shame the video kept stopping on me every few seconds, but I got through it!
@evers6214 5 жыл бұрын
This video was brilliantly easy to understand. Thx for clearly explaining how it works... ive read quite a few articles on these things still didn’t really “get it”. Tho you should have mentioned that in order to exploit amd needs local physical access to the machine
@Hunter_Bidens_Crackpipe_ 6 жыл бұрын
Intel failed hard, it was funny of them trying to pull AMD in when they were much less affected.
@minecraftmaster909 6 жыл бұрын
TomaCukor doesn’t matter there both dumbasses and bad companies for not protecting customers
@GreyBlackWolf 6 жыл бұрын
TomaCukor amd is much less affected because intel holds more than half the CPU market.
@JonatasAdoM 6 жыл бұрын
They're still affected.
@Lightn0x 6 жыл бұрын
dude you can't just magically "protect costumers".. sure, they can remove speculative execution from their CPUs, but that will slow down your processor (and implicitly your entire system) by I would guess somewhere around half
@GreyBlackWolf 6 жыл бұрын
Lightn0x Your right. They tried it at first on a handful of chips and the results were so drastic, some people couldnt run their systems for the purpose of what the built them for. Gamers found their systems having trouble running any games for instance.
@PeteSinHouston 5 жыл бұрын
Brought to you by the good folks at the NSA (and the University of Wisconsin). A feature, not a bug.
@KeppyKep 6 жыл бұрын
Nice writing and editing, team
@tzint56 6 жыл бұрын
glad i learned more about assembly and internal operations of a CPU. all of this makes a ton of sense. it's a way of deducting data at a memory address instead of asking for it directly (which will give a segmentation fault because the memory address it's asking for is outside of the program's "virtual memory", basically its partitioned area / sandbox that it plays in). seems to exploit cpu registers, wouldn't surprise me if this video explains it a little off just so that it's easier to explain. it'd be hard to write an assembly-level bug that utilizes any kind of inference of data, but then again it could probably be done in C, but i doubt it would be
@xavierssounds3232 6 жыл бұрын
Only one of you were first.
@angelodou 6 жыл бұрын
First
@joeldeakin2003 6 жыл бұрын
First
@joeldeakin2003 6 жыл бұрын
Galvatron I said it for a joke here
@bibasik7 6 жыл бұрын
*Blue shell*
@EpochIsEpic 6 жыл бұрын
Spectre and meltdown have never been used in the wild. They were discovered by three different cyber security research labs. Somebody might have taken advantage of it, but I doubt anybody made anything that complicated this fast.
@yourick1953 6 жыл бұрын
or nobody wants to use these vulnerabilities because it could fuck up everyones computer.
@spencerbrown2583 6 жыл бұрын
Precisely. 3 different security researchers. And the possibility of Branching Exploits have been mentioned in the relevant literature for more than a decade. Its not that unlikely that these have been previously discovered by malicious individuals.
@BothHands1 6 жыл бұрын
I think it's pretty likely that the exploit is being used in extreme international espionage applications, but it's unlikely that the hacker who just wants your bank info has developed a program yet. I wouldn't be surprised if spectre and meltdown were used by at least one government for years, even decades. Luckily that shouldn't affect us though lol
@infernaldaedra 6 жыл бұрын
EpicReplayMC I actually remember a article that mentioned there was a issue with the Xbox 360 around with this and used it for a bug fix or something. But didn't really know what that it could be done maliciously or didn't go to far into it. randomascii.wordpress.com/2018/01/07/finding-a-cpu-design-bug-in-the-xbox-360/
@lmaoroflcopter 6 жыл бұрын
Danielle Spargo there is now a proof of concept release for privileged writes to kernel memory resulting in privilege escalation on windows. blog.xpnsec.com/total-meltdown-cve-2018-1038/ There were already pocs that read protected memory via JavaScript but thankfully Chrome and Firefox were swift to patch.
@syler7341 6 жыл бұрын
i love how he manages to squish add in the end :D
@trentonpaul6376 6 жыл бұрын
woah this video is far better than the rest on this channel (I want to see more videos like this)
@dylanoonk6456 4 жыл бұрын
2:26 this is totally unreasonable Linus! You're a tech person, I wouldn't thing that you of all people would make this mistake!! 1 ram stick per google chrome tab
@jumpierwolf 6 жыл бұрын
Could those exploits be used on game consoles to run homebrew?
@Ardkun00 6 жыл бұрын
Yes, but it would require some customization.
@HP97user 6 жыл бұрын
no... that's not how any of this works... this is reading memory, not running an os
@allanlansdowne340 6 жыл бұрын
Only if you are connected to the internet.
@matthewday7565 6 жыл бұрын
Wasn't quite sure of the scope, whether it meant fishing with half a chance, or if it could target particular data. One thing that seems clear, the two vulnerabilities will not help to gain access initially, but could be used by malware that has already entered, or by a malicious user on a shared system
@seapeajones 6 жыл бұрын
That squarespace segue was gold.
@prestonferry 6 жыл бұрын
This was kinda a late video.
@spectrefour2404 6 жыл бұрын
I'm still wondering why my name was used for a security bug.
@samwansitdabet6630 6 жыл бұрын
Cus it sound cool
@spectrefour2404 6 жыл бұрын
Sam Wansitdabet that's why I picked it
@spectrefour2404 6 жыл бұрын
CommanderRE I also have an AMD processor. Coincidence?
@SuperSaiyanNaruto2 6 жыл бұрын
SpectreFour I think not.
@TeamTeddy666 6 жыл бұрын
4:20 I think I've done this before. Right after my PC turns on, if i try to open explorer, it won't open immediately because it just turned on. But, if I try to open it again, it immediately opens 2 windows of it. I'm not sure if this would fall into this "pattern" category, but It's something I noticed.
@FireController1847 6 жыл бұрын
that's just lag. you hit the button twice, so it will open two windows. if you hit it once, and wait, it will only open once.
@tiosatria9919 6 жыл бұрын
after you turn on your pc. your disk usage will reach about 100% that's because windows memory management, cache, and all that stuff to keep your windows running. because of that, you cant access your windows explorer immediately, there's alot of data to process. here's a tip : Replace your current hdd with ssd, this will solve your problem.
@a7medal-tell471 Жыл бұрын
This video is the best one about processor security
@inidjilin 6 жыл бұрын
Who the hell cares about someone being the first of a video
@lunicatgaming2090 6 жыл бұрын
[number]st/nd/rd/th
@TudorGruian 6 жыл бұрын
Video after fix.Awesome!
@Tushar_KN 6 жыл бұрын
That's scary and scarier AF after you explained it, thanks good way
@dominikgoslawski627 6 жыл бұрын
time to change my passwords to some 10 word sentences
@Ardkun00 6 жыл бұрын
Don't say that or attackers will know the method to crack you.
@markjacobs1086 6 жыл бұрын
Dominik Goslawski Problem is they get cached anyway...
@marekvrbka 6 жыл бұрын
*Laughs in AMD*
@danieln.285 6 жыл бұрын
Marcuss2 AMD master race
@ivan______________________4002 6 жыл бұрын
AMD budget race
@somealtidklol3190 6 жыл бұрын
*cries in coffee lake*
@cicciobombo7496 5 жыл бұрын
Hans Von Witzland that's still 50% less major vulnerability issues than intel
@kataja34 5 жыл бұрын
Laughs in RYZEN
@danielblack4190 4 жыл бұрын
Actual question here: how do specter and meltdown know how fast certain data from certain memory addresses get loaded in if they don't have access to the data in the first place, and so, don't know when they would otherwise get it?
@xGatoDelFuegox 6 жыл бұрын
Watching this after taran said he gave the malwares their own "personalities"...great touch :)
@Supadude 6 жыл бұрын
Wow thank goodness I don't have those!
@charlesdeviti2034 6 жыл бұрын
Supadudesvidsaxb Pro You definitely have Spectre, though.
@Supadude 6 жыл бұрын
How?
@montykemp4057 6 жыл бұрын
First somehow the first viewer.
@sample-text 4 жыл бұрын
Linus was so proud of that segue
@Xeno_Bardock 6 жыл бұрын
Step 1: Use Linux for anything important and sensitive. Step 2: Stick to open source stuff as much as possible. Step 3: Keep OS and Browsers fully updated, and Bios too if manufacturer released patches. Don't use Windows, except for gaming.
@coolblackjack1 6 жыл бұрын
This exploit is not windows only so just an os switch wont help
@Xeno_Bardock 6 жыл бұрын
Yes but with Linux you have almost no worries of getting meltdown/spectre malware. Windows on the other hand even if you are fully patched, it only takes modifying the setting in the registry to disable meltdown/spectre patches for a malware.
@TheRareGamer 6 жыл бұрын
"use Linux" bla bla bla... Just dont download shit or click stuff that looks fishy...
@Tonatsi 6 жыл бұрын
TheRareGamer Most of the world’s dangerous virus’ are self propagating, and make use of hacks to enter your computer without you realising. You don’t need to click on a page to get a virus, as some of them just found your computer online and went essentially: “Look, computer! Let’s take a look at those files!”
@ref3665 6 жыл бұрын
Or, just use your common sense. How about not downloading fortnite ESPs? And also, Linux is not more secure. Do some CVE hunting and you will realise how there are WAY more vulns and exploits for linux than for windows.
@fredy000 6 жыл бұрын
First to like my comment
@jackoneill5077 6 жыл бұрын
Fredy I fucking hate you
@joeldeakin2003 6 жыл бұрын
Second
@deevo2703 6 жыл бұрын
21st
@hedlund 6 жыл бұрын
You may have done this already, but if not: I'd really love to see a vlog or WAN Show segment regarding these vulns. Aside from wanting your personal opinion(s) on the whole spectacle, I want to know if you've any tips for us, because I'm sure I'm not alone in having less-than-savvy relatives and friends who are damn near guaranteed to achieve said meltdown in record time, and I really don't know how to begin explaining this to them.
@MycoolGaming 5 жыл бұрын
Those noises from the viruses are enough to give me nightmares and make me not download anything off the web again...
@JohnCena-hu3jq 5 жыл бұрын
People who made these are literally mad genius.
Hamster Kombat
Рет қаралды 55 МЛН
LowSpecGamer
Рет қаралды 795 М.
CopyPasta
Рет қаралды 55 М.
Распаковочка у Андрея
Рет қаралды 476 М.
FISPECKT
Рет қаралды 148 М.