An Interest In:
Web News this Week
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
- April 18, 2024
Some of Our Sources
- Technology Review
- Web Designer Wall
- Abduzeedo
- TutsPlus - Design
- Creative Curio
- Crazy Leaf Design
- My Ink Blog
- Android Headlines
- Dev To
- Hashedout
Help Webnuz
Referal links:
May 21, 2019 04:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/2MjQI-pMHOM/behind-the-naming-of-zombieload-and-other-intel-spectre-like-flaws
Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws
secwatcher writes: There was a lot more to the name game behind choosing titles for ZombieLoad, Spectre and Meltdown than picking cool and edgy attack titles. If you have ever wondered why they were named what they were, Threatpost tracked down one of the researchers behind the naming convention (and discovery) and found out. Much like the funky titles of advanced persistent threat groups, these speculative execution attacks, which impact Intel CPUs, are often named to reflect the impact behind the vulnerabilities, their attributes and how the attack processes work. "We always try to come up with names that somehow resemble the nature of the attack," Daniel Gruss, a security researcher from the Graz University of Technology and one of the founders of the ZombieLoad flaw, told Threatpost in a recent podcast interview. When it comes to ZombieLoad, "the nature of the attack is also something which fits the name very well," said Gruss. That's because the attack relies on the processor sending multiple load requests out to load data (instead of loading data once), as a result of the chip carrying out processes that will work in the most optimistic, opportunistic way, said Gruss. Spectre and Meltdown, for their part, have their own history behind their names. The idea for naming Spectre after a ghost -- also known by its logo, of a malevolent-looking ghost with a stick in its hand -- came from from Paul Kocher, one of the collaborating researchers who discovered the flaw. "The reasoning behind the name was that Spectre is ... it's not a nice spectre," Gruss told Threatpost. Meltdown, meanwhile, was so named because the vulnerability "melts security boundaries which are normally enforced by the hardware." But beyond that, unlike Spectre, the attack can be fixed and won't haunt users for years to come, said Gruss.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/2MjQI-pMHOM/behind-the-naming-of-zombieload-and-other-intel-spectre-like-flaws
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot