I run across an article that gives a fairly easy to understand descriptive out line of these two security flaws.
https://stratechery.com/2018/meltdown-sp...echnology/
I've actually discovered something close to the melt down flaw way back in 1984 on a old(even at that time.) Harris main frame that was used by the computer science students, Professors and the University's accounting department.
The Harris Main frame was a multi-user system with up to 1023 user terminals that used "Dynamic Allocation" to divide up the RAM and "very Fast"(for the time) disk memory. The allocation was very coarse and varied from user to user's time slice so their was always several kilobytes of memory allocated that wasn't written over by your data and program code when having it's slice of computing time.
I run across the flaw when I was writing programs for a machine language theory class, one of my assembler text handling programs had a flaw that kept generating terminals full of gibberish that often contained plaintext versions of other peoples user name and password.
It didn't seem so bad at first, after all their wasn't usually more than twenty students with the clearance to use the Harris assembler, but a little later I began to think about Harris BASIC, Fortran and COBOL and run a simple test program with BASIC and Fortran.
Both version did not "zero" out variables when they were allocated and it was stated in the manuals that they would contain random gibberish. I followed those test program up with a couple of more test programs and discovered the flaw was actually worse with BASIC and not so bad with Fortran.
A Harris BASIC programs method of execution and the ability to generate large arrays could give multiple snap shots of uncleared shared memory, while Harris Fortran only gave a single snapshot.
Harris Assembler was possibly the worst way to collect other records because it was allocated the smallest amount of uncleared memory and had the smallest buffers.
I've mostly kept up with the published works on CPU design and theory over the years and almost from the moment I understood the idea I've been bothered by the use of speculative execution as a method of increasing computation speed.
It wasn't until I started seeing hints and theories of what the Meltdown flaw was that I finally connected it to that old Harris main frame flaw and realized that's why "out of order speculative execution" has bothered me.
hmelton
https://stratechery.com/2018/meltdown-sp...echnology/
I've actually discovered something close to the melt down flaw way back in 1984 on a old(even at that time.) Harris main frame that was used by the computer science students, Professors and the University's accounting department.
The Harris Main frame was a multi-user system with up to 1023 user terminals that used "Dynamic Allocation" to divide up the RAM and "very Fast"(for the time) disk memory. The allocation was very coarse and varied from user to user's time slice so their was always several kilobytes of memory allocated that wasn't written over by your data and program code when having it's slice of computing time.
I run across the flaw when I was writing programs for a machine language theory class, one of my assembler text handling programs had a flaw that kept generating terminals full of gibberish that often contained plaintext versions of other peoples user name and password.
It didn't seem so bad at first, after all their wasn't usually more than twenty students with the clearance to use the Harris assembler, but a little later I began to think about Harris BASIC, Fortran and COBOL and run a simple test program with BASIC and Fortran.
Both version did not "zero" out variables when they were allocated and it was stated in the manuals that they would contain random gibberish. I followed those test program up with a couple of more test programs and discovered the flaw was actually worse with BASIC and not so bad with Fortran.
A Harris BASIC programs method of execution and the ability to generate large arrays could give multiple snap shots of uncleared shared memory, while Harris Fortran only gave a single snapshot.
Harris Assembler was possibly the worst way to collect other records because it was allocated the smallest amount of uncleared memory and had the smallest buffers.
I've mostly kept up with the published works on CPU design and theory over the years and almost from the moment I understood the idea I've been bothered by the use of speculative execution as a method of increasing computation speed.
It wasn't until I started seeing hints and theories of what the Meltdown flaw was that I finally connected it to that old Harris main frame flaw and realized that's why "out of order speculative execution" has bothered me.
hmelton