Main Page
Welcome to the explain xkcd wiki!
We have an explanation for all 1937 xkcd comics, and only 41 (2%) are incomplete. Help us finish them!
Latest comic
Meltdown and Spectre
Title text: New zero-day vulnerability: In addition to rowhammer, it turns out lots of servers are vulnerable to regular hammers, too.
Explanation
This comic was inspired by the Meltdown and Spectre bugs in certain processors. These vulnerabilities were disclosed to the public the week of this comic. The bugs made big news because they broke the "walls" between programs, in some circumstances allowing malware to steal secrets from normal, bug-free programs.
Speculative execution is a technique used to speed up computer processors. Processors handle instructions in a series of steps, like an assembly line. The processor works on several successive instructions, each at a different stage in the assembly line. It may start speculatively executing the instructions that follow a decision before the logic that determines whether they should be executed has finished. Once the decision is made, it keeps the results from the selected path and discards the unnecessary processing. This allows it to keep doing useful work while some slower decision is made. Ponytail uses trolley tracks as an analogy for streams of instructions in a program.
The Trolley Problem is a thought experiment where an out-of-control trolley is heading to a switch which you control. Leaving the switch as-is will cause it to kill multiple people stuck on the tracks, but switching the track will cause it to kill one person; this creates the ethical dilemma of passively causing multiple deaths versus actively causing one. The Trolley Problem has gained significant memetic traction, helped in no small part by its inclusion in every introduction to philosophy college course.
The "quantum" aspect of this is that in some interpretations of quantum theory, quantum-level particles can be viewed as taking every possible path at once and the result is the sum of all of them. Or it might be related to some interpretations of Schrödinger's cat, in that the system can be regarded as being in both states until some event results in one of the states being selected.
Meltdown and Spectre result from incorrect implementations of speculative execution, where the effects of speculatively executed instructions are not completely discarded. The phantom trolley driving through walls is an analogy for the computer instructions being able to access protected areas.
Contrary to what the comic implies, in many cases both paths are not simultaneously taken during speculative execution. A branch predictor may be used to select the most likely path, and the effects should be completely erased if the predicted path is incorrect. Both branch prediction and taking both paths, also known as eager evaluation, are considered speculative execution and are affected by these bugs.
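A toy model of the behaviour described above, added here as an illustration and not part of the original explanation: a mispredicted, bounds-checked load is rolled back in the visible register, but leaves a trace unless the rollback erases everything. The names `ToyCPU`, `checked_load` and `leftover_trace` are hypothetical, the memory contents are constructed, and modelling the leftover effect as a touched cache line is a simplification of real hardware.

```python
class ToyCPU:
    """Toy processor: one register, a 2-bit branch predictor, a set of touched cache lines."""

    def __init__(self, memory, bound, scrub_on_rollback=False):
        self.memory = memory            # flat memory; indices >= bound are protected
        self.bound = bound              # the bounds check guards memory[bound:]
        self.scrub = scrub_on_rollback  # True models a correct, complete rollback
        self.counter = 0                # 2-bit saturating predictor state (0..3)
        self.reg = None                 # architectural state, visible to the program
        self.cache = set()              # microarchitectural state, not meant to be visible

    def checked_load(self, index):
        """Models: if index < bound: reg = memory[index], with the branch predicted early."""
        predicted_ok = self.counter >= 2
        saved_reg, saved_cache = self.reg, set(self.cache)
        if predicted_ok:
            # Speculative execution: the load runs before the check has resolved.
            self.reg = self.memory[index]
            self.cache.add(self.reg)    # the loaded value decides which line is touched
        actually_ok = index < self.bound  # the slow decision finally resolves
        # Train the predictor on the real outcome.
        self.counter = min(3, self.counter + 1) if actually_ok else max(0, self.counter - 1)
        if actually_ok and not predicted_ok:
            self.reg = self.memory[index]  # correct path executed late
            self.cache.add(self.reg)
        elif predicted_ok and not actually_ok:
            self.reg = saved_reg           # architectural result is discarded
            if self.scrub:
                self.cache = saved_cache   # complete rollback: the trace is erased too
        return self.reg


def leftover_trace(scrub):
    """Return (visible register, cache lines left behind by the mispredicted load)."""
    memory = [1, 2, 3, 4, 42]           # constructed: memory[4] is the protected value
    cpu = ToyCPU(memory, bound=4, scrub_on_rollback=scrub)
    for i in range(4):                  # in-bounds loads train the predictor
        cpu.checked_load(i)
    before = set(cpu.cache)
    visible = cpu.checked_load(4)       # out of bounds: predicted wrong, rolled back
    return visible, cpu.cache - before


if __name__ == "__main__":
    print("incomplete rollback:", leftover_trace(scrub=False))
    print("complete rollback:  ", leftover_trace(scrub=True))
```

In both runs the program-visible register never holds the protected value; only the incomplete rollback leaves a cache line whose identity depends on it.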
The Row Hammer problem had been known for many years before this cartoon. A common form of computer memory is constructed from tiny capacitors organized in a two-dimensional grid of rows and columns. Capacitors store charge to represent information. By applying a pattern of memory access that rapidly changes a row of capacitors, you can cause charge to overflow to nearby rows and incorrectly change their states.
Ponytail mentions that we suck at building "shared computers" because Rowhammer, Spectre, and Meltdown all break down the security divisions built between programs and between users. A hacker running a separate program in a separate account shouldn't be able to access your secrets or change the behavior of your program, but these problems allow them to. This is particularly dangerous for time-sharing, servers and the cloud, where different programs, websites, or even companies can be sharing the same hardware.
Cueball took her explanation literally, and came to the conclusion that the cloud "is full of phantom trolleys armed with hammers". Instead of correcting him, Ponytail decides to accept his interpretation (perhaps because she found this idea to be kinda cool).
The title text humorously states that as well as row hammer, computer servers also can be harmed by regular hammers. A zero-day vulnerability is one that attackers can take advantage of before it has been published, so it is not yet patched in any vulnerable system. This would imply that the Rowhammer vulnerability is what inspired someone to try taking a hammer to a server. One might "patch" a server against this attack by plating it with stronger metal.
Transcript
- [Cueball and Ponytail are walking.]
- Cueball: The Meltdown and Spectre exploits use "speculative execution?" What's that?
- Ponytail: You know the trolley problem? Well, for a while now, CPUs have basically been sending trolleys down both paths, quantum-style, while awaiting your choice. Then the unneeded "phantom" trolley disappears.
- [Ponytail framed alone, facing left. They have stopped walking.]
- Ponytail: The phantom trolley isn't supposed to touch anyone. But it turns out you can still use it to do stuff.
- Ponytail: And it can drive through walls.
- [Cueball and Ponytail are standing, facing each other.]
- Cueball: That sounds bad.
- Ponytail: Honestly, I've been assuming we were doomed ever since I learned about Rowhammer.
- Cueball: What's that?
- Ponytail: If you toggle a row of memory cells on and off really fast, you can use electrical interference to flip nearby bits and—
- Cueball: Do we just suck at ... computers?
- Ponytail: Yup. Especially shared ones.
- [They resume walking to the right.]
- Cueball: So you're saying the cloud is full of phantom trolleys armed with hammers.
- Ponytail: ...Yes, that is exactly right.
- Cueball: Okay. I'll, uh... install updates?
- Ponytail: Good idea.
New here?
You can read a brief introduction about this wiki at explain xkcd. Feel free to sign up for an account and contribute to the wiki! We need explanations for comics, characters, themes and everything in between. If it is referenced in an xkcd web comic, it should be here.
- If you're new to wiki editing, see how to edit wiki pages. There's also a handy wikicode cheatsheet.
- Discussion about the wiki itself happens at the Community portal.
- You can browse the comics from List of all comics or by navigating the category tree at Category:Comics.
- There are incomplete explanations listed here. Feel free to help out by expanding them!
- We sell advertising space to pay for our server costs. To learn more, go here.
Rules
Don't be a jerk.
There are a lot of comics that don't have set-in-stone explanations; feel free to put multiple interpretations in the wiki page for each comic.
If you want to talk about a specific comic, use its discussion page.
Please only submit material directly related to (and helping everyone better understand) xkcd... and of course only submit material that can legally be posted (and freely edited). Off-topic or other inappropriate content is subject to removal or modification at admin discretion, and users who repeatedly post such content will be blocked.
If you need assistance from an admin, post a message to the Admin requests board.

