A Minor Criticism of XKCD

Updated: 06th January 2018

Allan Dyer

Randall Munroe's webcomic XKCD has an excellent summary (far better than mine) of Meltdown and Spectre.

But I do have a minor criticism of the mouse-over text: "New zero-day vulnerability: In addition to rowhammer, it turns out lots of servers are vulnerable to regular hammers, too."

Anyone who's studied information security standards, such as ISO/IEC 27000, will know that, while the specific threat of a regular hammer is not usually mentioned, the general class of physical attacks is. For example, Douglas Adams in his book "The Hitchhiker's Guide To The Galaxy" quotes Zaphod Beeblebrox as saying, "Computer... if you don't open that exit hatch this moment I shall zap straight off to your major data banks and reprogram you with a very large axe, got that?" Controls to mitigate this class of attacks vary according to the value of the systems and the perceived threat level, but include a wide variety of measures, such as locked doors, guards (possibly armed, Quis custodiet ipsos custodes?) and off-site backups.

