Reading
These two papers cover different aspects of our ongoing computer security nightmare. The first paper describes some fundamental changes to computer architecture that could help make C and C++ programs safer. These changes have been adopted by Arm on some of its processors! The second paper describes a speculation-related bug that stunned the world.
- “CHERI: A hybrid capability-system architecture for scalable software compartmentalization”, Robert N. M. Watson, Jonathan Woodruff, Peter G. Neumann, Simon W. Moore, Jonathan Anderson, David Chisnall, Nirav Dave, Brooks Davis, Khilan Gudka, Ben Laurie, Steven J. Murdoch, Robert Norton, Michael Roe, Stacey Son, Munraj Vadera (IEEE Oakland 2015)
- “Meltdown: Reading Kernel Memory from User Space”, Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg (USENIX Security 2018; presentation available
Reading questions
How would CHERI-style capabilities mitigate the Meltdown problem—or not?