Michael Schwarz is an Infosec PhD candidate at Graz University of Technology with a focus on microarchitectural side-channel attacks and system security. He holds two master's degrees, one in computer science and one in software development with a strong focus on security. He frequently participates in CTFs and has also been a finalist in the European Cyber Security Challenge. He was a speaker at Black Hat Europe 2016, Black Hat Asia 2017 & 2018, and Black Hat US 2018, where he presented his research on microarchitectural side-channel attacks. He authored and co-authored several papers published at international academic conferences and journals, including USENIX Security 2016 & 2018, NDSS 2017, 2018 & 2019, IEEE S&P 2018 & 2019. He was part of one of the four research teams that found the Meltdown and Spectre bugs published in early 2018.
With the beginning of last year, two major security vulnerabilities have been disclosed: Meltdown and Spectre. While mitigations in software and hardware have been rolled out right away, new variants have been continuously released in the following months. With all those confusing names, how can you possibly still have a clear overview of all those vulnerabilities (SpectreV1, SpectreV2, Meltdown, Spectre-NG, SpectreRSB, L1TF, Foreshadow, ...)? With this talk, we present a novel classification that will ease the naming complexity of the current jungle of variants. Along with all different attacks, we will give an overview of all proposed mitigations and show how an attacker still can mount an attack despite the presence of implemented countermeasures. Furthermore, we will present new variants of the Meltdown attack, exploiting different parts of the CPU.