Understanding Meltdown and Spectre

How Meltdown and Spectre exploit your personal data?

Meltdown can break the basic mechanism in the CPU that prevents one application from accessing another application's arbitrary memory, leaving system data vulnerable. Spectre, on the other hand, tricks applications into using random arbitrary locations instead of their own . In short, both processor bugs exploits a computer's kernel memory to obtain data from its CPU memory.

What are the personal data that Meltdown and Spectre can access?

Meltdown and Spectre use side channels to access cached information from instructions executed on the CPU. Simply put, these flaws can allow access to information that would otherwise be inaccessible, including sensitive data like passwords, personal photos, email IDs, cryptographic keys, and more. For in-depth information, please refer to the papers that initially reported on Meltdown and Spectre.