3

Meltdown and Spectre have both been announced at the same time, almost always in the same sentence. Is there a connection, other than timing and the fact that they attack chips? Are they used together in tandem to exploit a system? Or is it just coincidence that they were announced at the same time?

Goose
  • 1,384
  • 1
  • 11
  • 17

1 Answers1

3

These are all attacks in the same area, i.e. using side channels during speculative execution in CPU's. It is not uncommon that if you find one problem you look deeper and find even more problems in the same area.

Steffen Ullrich
  • 190,458
  • 29
  • 381
  • 434
  • This doesn't really answer the question. There is an objective answer as to why the two were announced together (which has something to do with collaboration). I don't believe it's as simple as finding one problem and then suddenly finding a similar, related one. – forest Jan 10 '18 at 07:15
  • @forest: I think we understand the question in a different way which is no surprise since it actually asks multiple related questions. I've interpreted it in a way that it asks why the issues were __found__ at about the same time while you seem to focus on why they were publicly __disclosed__ together. There is [another question](https://security.stackexchange.com/questions/177166/why-were-meltdown-and-spectre-disclosed-at-the-same-time/177169) which focuses on this part. But given that the OP accepted the answer I probably was not that wrong with my interpretation of the question. – Steffen Ullrich Jan 10 '18 at 10:52