Now that the patches across various platforms for the recently discovered Spectre and TahongMeltdown vulnerabilities have largely been deployed, Google has detailed how it managed to address these threats on its cloud services such as Gmail and Search before the public even knew about them. Hint: It wasn't easy.
In a lengthy blog post Thursday, Google's VP of 24/7 operations Ben Treynor Sloss explains how tough these security holes were to patch, and how long it took Google to fully fix all of them, even though it was Google's own Project Zero team that had discovered them.
SEE ALSO: Spectre and Meltdown are a danger for your bitcoins, but there are ways to keep them safeAccording to Sloss, Spectre and Meltdown are actually three different vulnerabilities, one of which -- a variant of Spectre -- was particularly hard to protect from. One solution involved disabling some CPU features, which would inevitably lead to slower performance.
"For months, hundreds of engineers across Google and other companies worked continuously to understand these new vulnerabilities and find mitigations for them," he wrote.
Finally, software engineer Paul Turner created Retpoline, a software that does the job without slowing down the machines it's applied to.
Sloss said that by December, all Google Cloud Platform services were protected from all variants of these vulnerabilities. The company deployed this solution across its infrastructure and open-sourced it so that others can benefit from it as well.
"This set of vulnerabilities was perhaps the most challenging and hardest to fix in a decade, requiring changes to many layers of the software stack. It also required broad industry collaboration since the scope of the vulnerabilities was so widespread," wrote Sloss.
Topics Cybersecurity Google
(Editor: {typename type="name"/})
Dave Colon ,November 6, 2017 Joe Ricketts,
...[Details]
Kate Joyce's Photographs of Jonny Greenwood and the Big Ears Music Festival
Big, Bent Ears, Chapter 7: Anatomy of a SequenceBy Nicole RudickJuly 22, 2015Big, Bent EarsTape mark
...[Details]
Cat Pianos and Other Wondrous Imaginary Instruments
Tickle the Feline Ivories, and Other NewsBy Dan PiepenbringJuly 17, 2015On the ShelfIllustration of
...[Details]
Remembering James Salter: On His Essay “The Skiing Life”
The Skiing LifeBy Louisa ThomasJune 25, 2015In MemoriamIn memory of James Salter, who died last week
...[Details]
Dave Denison ,January 26, 2018 Presidentia
...[Details]
Defunct Magazines: How “Desert” Captured the Southwest
The Magazine of the SouthwestBy Dan PiepenbringJuly 17, 2015LookFrom Desert’s masthead.Nicole’s staf
...[Details]
We’re Bringing Back Our #ReadEverywhere Contest
#ReadEverywhere ReturnsBy The Paris ReviewJuly 2, 2015ContestsLast year’s winning entry, by Da
...[Details]
Nick Sousanis on How Comics Help Us Make Connections
Thinking Through Images: An Interview with Nick SousanisBy Timothy HodlerJuly 20, 2015At WorkFirst i
...[Details]
Epic Systems v. The Work Force
Jennie Rose Halperin ,June 15, 2018 Epic S
...[Details]
Mister SunBy Sadie SteinJune 19, 2015Our Daily CorrespondentAlbert Anker, Portrait of a Boy, ninetee
...[Details]
接受PR>=1、BR>=1,流量相当,内容相关类链接。
<em>The Voice</em> and Its Village 
Staff Picks: Lorenzo Chiera, Michael Friedman, Yuknavitch 
Geoff Dyer on James Salter’s First Novel, “The Hunters” 
Edgar Allan Poe’s “Eureka” and the Machinery of the Universe 
NYT Strands hints, answers for May 24 
