Simple explanation of Meltdown and Specter problems in modern CPUs - NewCydiaTweaks


Post Top Ad

Post Top Ad

Friday, January 5, 2018

Simple explanation of Meltdown and Specter problems in modern CPUs

If you have not been living in a cave for the past week, chances are you've seen written or heard about these two names: Meltdown and Specter . So they have baptized the vulnerabilities that allow to obtain confidential data of any computer system (that is, any computer, tablet, smartphone or even TVs, cars etc) due to a bug that this time is physical , is produced by a bad design decision Many years ago. The only way to fix it is to change the CPU, but since we can not do that on an iPhone or iPad, changes are being implemented in operating systems to solve it by software.
In this article, we will try to explain in a general and simple way what this is about Meltdown and Specter.

What is Meltdown and Specter?

Meltdown and Specter are the names that have given to the vulnerabilities, that is to say, the methods that allow a program to read confidential data supposedly out of reach. A malicious person, with a program running on the system from which he wants to extract information, can use these methods to access it even if he does not have the administrator password.
This is a problem in the design of the CPU hardware , which was initially attributed to Intel chips but was later demonstrated also in those of other manufacturers such as AMD (although to a lesser extent due to design changes in its architecture that they took many years ago) or ARM. The iPhone or iPad, as you probably already know, use CPUs that although designed by Apple, use the architecture of ARM, and therefore, are affected by this problem . Not all ARM CPUs are affected by this problem, but in general, most processors manufactured in the last ten years , both x86 and ARM, present this problem.

Why do they appear now?

Because, until now, they had not met and proved. The problem is complex to explain but basically resides in a small cache memory that processors use to speed up the execution of instructions. The vulnerabilities take advantage of a prediction system that loads data in this cache memory in advance and then does not erase it in its entirety, thus allowing the reading of that data little by little. It is a laborious process and requires the installation of a program in the system, with its administrator password, to function.

Is my iPhone in danger?

It depends on the model, but in principle, do not worry too much. To use this bug to access information, you need to install a program. Apple iOS devices only allow you to install Apps from the App Store, and unless some malicious App slips to Apple, in general there is no need to worry. On a Mac or PC running Windows / Linux, where you can easily install a program obtained anywhere, you run a greater risk, encouraged above all by piracy. That's why there are already updates like macOS 10.13.2 and also in Windows and Linux that alleviate this problem almost in its entirety. iOS 11.2 also contains a patch for this problemApple, Microsoft, Google etc continue working to avoid this problem via software, even more, in future updates.

Will I lose speed after installing these updates?

Yes, but in the vast majority of cases, this loss of speed of process is not perceptible, although some say in other media that you can get to lose 30% speed. Many of us use iOS 11.2, which has a patch to solve this problem to some degree, and we have not noticed speed problems beyond what Apple itself has deliberately implemented , for other reasons.
In general, this problem will go largely unnoticed by most iPhone users.

Post Top Ad