1. What are Meltdown and Spectre?

Meltdown and Spectre are two critical processor bugs that were discovered by security researches in January 2018. Both vulnerabilities affect Intel, AMD, and ARM chips, and create a loophole for hackers to access data from any systems that use this hardware (most computers, mobile devices, etc.)

To understand what these flaws are, you need to first understand something called speculative execution. Often times, computers are already thinking ahead before they process information for you; this is called speculative execution. When that preprocessed information is not needed, it is discarded into the computer's cache.

Both of these vulnerabilities can lead to speculative execution side-channel attacks. That's a fancy way of saying that they allow hackers to access data saved in the computer's cache (i.e. the discarded code generated by speculative execution).

If you want to get more technical about the difference between these two vulnerabilities, check out the papers that initially reported on Meltdown and Spectre

Additional info: Applications are designed to work in isolation from other applications' arbitrary locations, the kernel memory of your system, as well as other web browsers. Essentially, there is a wall separating each of these memory locations, which is what Meltdown and Spectre have started to exploit.When a process is formulated and not executed for a specific reason, that data are stored in a cache memory called which can be accessed by anyone without admin privileges, which is exactly what meltdown and spectre are trying to exploit. In overall, Meltdown is a crack in the wall between the kernel memory and the arbitrary memory of applications, while Spectre is a crack in the wall between applications' arbitrary memory locations.