Daniel Gruss (@lavados) is an Assistant Professor at Graz University
of Technology. He finished his PhD with distinction in less than 3
years and received a series of awards for his dissertation.
He has been involved in teaching undergraduate operating systems
courses since 2010, and he received the TU Graz award for excellence
in teaching 2017/18. Daniel's research focuses on software-based
side-channel attacks that exploit timing differences in hardware and
operating systems. He implemented the first remote fault attack
running in a website, known as Rowhammer.js. He frequently speaks at
top international venues, such as Black Hat, Usenix Security, IEEE
S&P, ACM CCS, Chaos Communication Congress, and others. His research
team was one of the teams that found the Meltdown and Spectre bugs
published in early 2018.

At the beginning of last year, two major security vulnerabilities were disclosed: Meltdown and Spectre. While mitigations in software and hardware were rolled out right away, new variants were continuously released in the following months. With all those confusing names, how can you possibly still keep a clear overview of all those vulnerabilities (SpectreV1, SpectreV2, Meltdown, Spectre-NG, SpectreRSB, L1TF, Foreshadow, ...)? In this talk, we present a novel classification that will ease the naming complexity of the current jungle of variants. Along with all the different attacks, we will give an overview of all proposed mitigations and show how an attacker can still mount an attack despite the presence of implemented countermeasures. Furthermore, we will present new variants of the Meltdown attack, exploiting different parts of the CPU.