- 资讯
Google says Spectre and Meltdown were the worst vulnerabilities in a decade
时间:2010-12-5 17:23:32 作者:资讯 来源:新闻中心 查看: 评论:0内容摘要:Now that the patches across various platforms for the recently discovered Spectre and Meltdown vulneNow that the patches across various platforms for the recently discovered Spectre and Meltdown vulnerabilities have largely been deployed, Google has detailed how it managed to address these threats on its cloud services such as Gmail and Search before the public even knew about them. Hint: It wasn't easy.
In a lengthy blog post Thursday, Google's VP of 24/7 operations Ben Treynor Sloss explains how tough these security holes were to patch, and how long it took Google to fully fix all of them, even though it was Google's own Project Zero team that had discovered them.
SEE ALSO:Spectre and Meltdown are a danger for your bitcoins, but there are ways to keep them safeAccording to Sloss, Spectre and Meltdown are actually three different vulnerabilities, one of which -- a variant of Spectre -- was particularly hard to protect from. One solution involved disabling some CPU features, which would inevitably lead to slower performance.
Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up! "For months, hundreds of engineers across Google and other companies worked continuously to understand these new vulnerabilities and find mitigations for them," he wrote.
Finally, software engineer Paul Turner created Retpoline, a software that does the job without slowing down the machines it's applied to.
Sloss said that by December, all Google Cloud Platform services were protected from all variants of these vulnerabilities. The company deployed this solution across its infrastructure and open-sourced it so that others can benefit from it as well.
"This set of vulnerabilities was perhaps the most challenging and hardest to fix in a decade, requiring changes to many layers of the software stack. It also required broad industry collaboration since the scope of the vulnerabilities was so widespread," wrote Sloss.
Featured Video For You
3 security issues facing self-driving cars
- 最近更新
-
-
2024-09-22 06:52:00抖音超600万次传播量!广东省农事运动会乡村直播大赛火出圈
-
2024-09-22 06:52:00G7 finance chiefs move to diversify supply chains
-
2024-09-22 06:52:00Herald Retirees' Gathering
-
2024-09-22 06:52:00Nadal pulls out of Madrid
-
2024-09-22 06:52:00Alcaraz vs. Van de Zandschulp 2024 livestream: Watch US Open for free
-
2024-09-22 06:52:00市市场监管局督导芦山县“春雷行动2021”工作推进情况
-
2024-09-22 06:52:00New START: Biden has just days to save a key nuclear treaty with Russia.
-
2024-09-22 06:52:00Airbnb is testing its anti
-
- 热门排行
-
-
2024-09-22 06:52:00What to expect from Apple's September event: iPhone 16, Apple Watch 10, and more
-
2024-09-22 06:52:00Martial handed chance to salvage Man Utd career
-
2024-09-22 06:52:00DP lawmaker says he will leave party amid cryptocurrency scandal
-
2024-09-22 06:52:00PGA Tour releases autumn schedule
-
2024-09-22 06:52:00蒙顶山茶有了专属茶器
-
2024-09-22 06:52:00[H.eco Forum] Korea should promote eco
-
2024-09-22 06:52:00多举措 强监管 净化校园金融市场环境
-
2024-09-22 06:52:00Peaty out of world swimming championships
-
- 友情链接
-