The Elite Intel Team Still Fighting Meltdown and Spectre
A year ago today, Intel coordinated with a web of academic and independent researchers to disclose a pair of security vulnerabilities with unprecedented impact. Since then, a core Intel hacking team has worked to help clean up the mess—by creating attacks of their own.
Known as Spectre and Meltdown, the two original flaws—both related to weaknesses in how processors manage data to maximize efficiency—not only affected generations of products that use chips from leading manufacturers like Intel, AMD, and ARM, but offered no ready fix. The software stopgaps Intel and others did roll out caused a slew of performance issues.
On top of all of this, Meltdown and particularly Spectre revealed fundamental security weaknesses in how chips have been designed for over two decades. Throughout 2018, researchers inside and outside Intel continued to find exploitable weaknesses related to this class of "speculative execution" vulnerabilities. Fixing many of them takes not just software patches, but conceptually rethinking how processors are made.