I haven’t post anything in a while, and the recent disclosure of the Meltdown and Spectre attacks reminded me of a little presentation a friend of mine, Alberto Serrano, and I did as an assignment for the course Computer Structure & Organization, from the past year on the university.
Spectre and Meltdown both rely on side-channel attacks, measuring the time taken to access memory to determine if some value was on cache memory or not, allowing any process to read any memory position it wants to. Of course, it’s more complicated than that; but the point is that side-channel attacks still are a very dangerous attack vector. One that should be taken in account when designing (or attacking) any system.
On this course, CS & O, we were told to make a little presentation of roughly 10 minutes, so it’s very short; but it may still have some interesting things.