Home / Series / Chaos Communication Congress / Aired Order / Season 35 / Episode 83

A Christmas Carol - The Spectres of the Past, Present, and Future

With the beginning of last year, two major security vulnerabilities have been disclosed: Meltdown and Spectre. While mitigations in software and hardware have been rolled out right away, new variants have been continuously released in the following months. With all those confusing names, how can you possibly still have a clear overview of all those vulnerabilities (SpectreV1, SpectreV2, Meltdown, Spectre-NG, SpectreRSB, L1TF, Foreshadow, ...)? With this talk, we present a novel classification that will ease the naming complexity of the current jungle of variants. Along with all different attacks, we will give an overview of all proposed mitigations and show how an attacker still can mount an attack despite the presence of implemented countermeasures. Furthermore, we will present new variants of the Meltdown attack, exploiting different parts of the CPU.

English
  • Originally Aired December 28, 2018
  • Runtime 60 minutes
  • Production Code 9893
  • Created December 27, 2018 by
    Administrator admin
  • Modified December 27, 2018 by
    Administrator admin
Name Type Role
Claudio Canella Director
Moritz Lipp Director
Michael Schwarz Director
Daniel Gruss Director