Whack-a-Meltdown: Microarchitectural Security Games [Systems Attacks and Defenses]

In early 2018, the disclosure of Spectre ¹ and Meltdown ² exposed the security risks inherent in speculative and out-of-order execution, which were hitherto considered harmless and valuable performance optimizations. In a nutshell, these attacks demonstrated that transient execution, where the computer executes code speculatively before reverting execution, leaves side effects on the microarchitecture, allowing adversaries to retrieve data across software- and hardware-enforced security boundaries.