Meltdown and Spectre are the first big vulnerabilities of 2018. Their discoverer, Jann Horn, 23, has drawn the curiosity of every major media outlet. Recently, Bloomberg News told the story behind the "vulnerability hunting" by interviewing the young German and the people around him.
In high school, Horn's math and physics grades were quite good; he was very much a science student. In 2013, Horn and his classmates took part in a government-run competition for a place at a reception for outstanding German youth, hosted by German Chancellor Angela Merkel in Berlin. His entry was a method for controlling the movement of a double pendulum (the double pendulum is a well-known mathematical problem).
He then did a good job of writing the software, which used sensors to predict the double pendulum's movements and corrected unexpected moves with magnets. He and his classmates took fifth place in the competition, winning tickets to be received by Merkel.
After starting college, Horn often posted interesting tweets, such as exploring ways to circumvent an important security feature designed to prevent malicious code from infecting users' computers. These were seen by the then CEO of a security consultancy called "Cure53" who, because of their similar research methods, invited Horn, who was not yet 20 years old, to join the company.
Soon, the CEO found that he might have picked up "gold": Horn, just a sophomore, had been engaged in post-doctoral research at the university. Since cybersecurity is a highly practical discipline, they went on to collaborate on papers and apply for patents.
In other words, close to graduation, while other students were still struggling to find work and worrying about their livelihood, the simple and honest Horn was not only favored by his boss but also held a patent: a true winner in life.
But after graduating, Horn did not stay at his old company; he chose to join Google's famous "Project Zero" team. His former boss "very reluctantly" wrote him an enthusiastic recommendation letter.
He said in an interview, "Google is his dream, and we could not stop him, although his leaving was so painful for me. That he can now achieve something like this is in fact inseparable from his usual careful study; it is a matter of course."
As a member of Google's "Project Zero," Horn spends day after day looking for zero-day vulnerabilities that hackers could exploit to invade computer systems. Lei Feng learned, however, that the two attacks Horn discovered this time, "Meltdown" and "Spectre," were not found intentionally.
Note: In security terminology, a zero-day vulnerability generally refers to a newly discovered system vulnerability that has not yet been disclosed to anyone, which attackers can go on to exploit. By their nature, zero-day vulnerabilities are not patched promptly, and this is what Google's Project Zero team works on: finding these zero-day vulnerabilities and notifying the affected parties at the earliest opportunity so that they can be fixed as soon as possible.
Poring over thousands of pages of manuals for his own research, he accidentally found the biggest security flaw in history
As for how it was discovered, the story starts in April of last year.
At that time, to make sure that computer hardware could handle a very complex piece of arithmetic code he had written, Horn began to carefully study the thousands of pages of Intel's processor manuals. It was in this process that he accidentally discovered the major flaw in the world's computer chips.
One part of the processor manuals covers speculative execution, a speed-boosting technique that lets the processor guess which portion of the code will be executed next and execute those steps ahead of time. The manual states that if the processor guesses wrong, the data fetched by mistake is still stored in the chip's cache.
This sentence startled Horn: if that is so, the information could well be obtained by savvy hackers.
At that time, I realized that the code pattern we are using may reveal confidential data.
The vulnerability takes advantage of flaws in CPU execution that arise from the out-of-order execution and speculative execution that current CPUs have introduced to improve performance. Horn said in an e-mail that, in theory, it might affect more than just the code snippets we are writing.
So he launched a further investigation and began to carefully study how the chip carries out speculative execution.
Horn then discussed the issue with his colleague Felix Wilhelm and, drawing on some similar research by Wilhelm, concluded that the techniques under test could be reversed to force the processor to run new speculative execution routines and have it retrieve data that hackers could then acquire.
After this chip attack was discovered, Horn consulted Robert Swiecki, another Google colleague, and tested some of his ideas on his computer to confirm that the vulnerability was real.
On June 1 last year, Horn followed Swiecki's advice and told Intel, ARM and AMD about the vulnerability.
source : buzzorange.com