2 votes

Why did Meltdown and Spectre bugs go undiscovered for so long?

These bugs have been present in CPUs for nearly 20 years; why weren't they discovered sooner, given the serious implications for all computers using these processors?
</grreplace>
<gr_replace lines="8-13" cat="clarify" orig="1">
Because the people who put them there didn't want them gone, and very few people know enough to find the issue to begin with. This is more a philosophical question though, not a programming one. For that you want Stefan Molyneux. Voting to close. – G_V

OK, thank you, but I still think it is programming relevant, as these bugs can be exploited with programmers' code! – Adrian Evans

Yeah, but you understand that this question is waaay too broad and not programming specific. I mean, almost everything these days ties back to code at some point. Governments run on software, so do cars. But this stackexchange is specifically for solving extremely specific programming questions. Why would major companies receive CIA money to create backdoors into pretty much every system on the planet? Can you think of a code-related motivation for that? I don't think you can solve the question with code. – G_V

@G_V: you're suggesting that CPU architects knew there was a security issue, but intentionally left it unfixed? Or that a specific CPU architect introduced them without anyone else realizing? That's quite a conspiracy theory, and not very plausible. Spectre is a fundamental consequence of out-of-order speculative execution + branch prediction. Meltdown has similar obvious (to a CPU architect) motivations for performance. See this 2012 answer from Intel P6 architect Andy Glew about why delayed permission checks on memory access make sense. – Peter Cordes

IMO, the discovery of Meltdown is kind of like discovering that CFCs deplete the ozone layer, so we have to redesign / replace lots of existing hardware, or work around it. With new CPU hardware, Meltdown can be fixed for near-zero perf cost. Spectre is even worse: there's no clear path to a low-overhead way to mitigate it in general, in hardware or software. Even protecting the kernel itself from user-space is hard, let alone all of user-space. – Peter Cordes

1
Because the people who put them there didn't want them gone and very few people know enough to find the issue to begin with. This is more a philosophical question though, not a programming one. For that you want Stefan Molyneux. Voting to close.G_V
OK thank you but I still think it is programming relevant as these bugs can be exploited with programmers code!Adrian Evans
Yeah, but you understand that this question is waaay too broad and not programming specific. I mean, almost everything these days ties back to code at some point. Governments run on software, so do cars. But this stackexchange is specifically for solving extremely specific programming questions. Why would major companies receive CIA money to create backdoors into pretty much every system on the planet? Can you think of a code-related motivation for that? I don't think you can solve the question with code.G_V
@G_V: you're suggesting that CPU architects knew there was a security issue, but intentionally left it unfixed? Or that a specific CPU architect introduced them without anyone else realizing? That's quite a conspiracy theory, and not very plausible. Spectre is a fundamental consequence of out-of-order speculative execution + branch prediction. Meltdown has similar obvious (to a CPU architect) motivations for performance. See this 2012 answer from Intel P6 architect Andy Glew about why delayed permission checks on memory access makes sense.Peter Cordes
IMO, the discovery of Meltdown is kind of like discovering that CFCs deplete the ozone layer so we have to redesign / replace lots of existing hardware, or work around it. With new CPU hardware, Meltdown can be fixed for near-zero perf cost. Spectre is even worse: there's no clear path to a low-overhead way to mitigate it in general, in hardware or software. Even protecting the kernel itself from user-space is hard, let alone all of user-space.Peter Cordes

1 Answer

-3 votes

The answer is quite simple: modern CPUs have a few billion transistors. For example, the latest Intel Skylake architecture has ~2 billion. Each transistor might have a state which influences the state of other transistors (i.e. those transistors are connected somehow).

Basically, this means there are so many possible permutations or states of modern CPUs that we simply are not able to test them in a lifetime. So we (or rather the producer) test just some of the states in some scenarios, leaving potential room for dangerous corner cases.

Spectre and Meltdown are such untested corner cases, but there might be many more due to the complexity of modern CPUs.