
Silicon Forest

Friday, April 26, 2024

Spectre


When you Accidentally Compromise every CPU on Earth
Daniel Boctor

What he's talking about here is virtual lockpicking. There is something about locks that attracts a certain kind of person, a person who says 'Hah! You think you can keep me out? I will show you. Nothing can keep me out. Your security is worthless!' The Lock Picking Lawyer comes to mind. They are people who like solving puzzles. I like solving puzzles, but I only enjoy working on puzzles that I can solve in short order, like five minutes. Oh, I might spend a couple of hours on a jigsaw puzzle, but that's about my limit.

I sometimes think about wading into computer security, but that is going to take a lot more time, and where's the payoff? Even if you manage to break into a computer system, are you even going to find anything valuable? And valuable to who? And would you trust anyone who sanctions breaking into someone else's computer system? Psychopaths could find ways to entice computer security experts into breaking into others' computers with enticements and challenges, but do you really want to be doing business with psychopaths? Get paid in cash and never tell them where you are. They'll sell you down the river in a heartbeat.

The crux of Spectre is that it can 'trick' the CPU into accessing memory belonging to another process because it is only a 'speculative' access. Another interesting bit is that apparently you can time how long it takes to access a single memory location. A simple way would be by setting a timer before reading memory and reading the timer afterwards, but that would mean locking out interrupts for the duration, and I'm pretty sure nobody but the operating system gets to lock out interrupts. Given that CPUs have gotten a zillion times more complex since I last fiddled with interrupts, there are probably several other ways to do it.

