https://blog.qife122.com/tags/%E7%BC%93%E5%AD%98%E4%BE%A7%E4%BF%A1%E9%81%93/ Recent content in 缓存侧信道 on 办公AI智能小助手 Hugo zh-cn qife Sat, 20 Sep 2025 05:10:09 +0800 https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E8%A7%A3%E6%9E%90%E5%B9%BD%E7%81%B5%E6%BC%8F%E6%B4%9Espectrev1%E4%B8%8Ev2%E5%88%A9%E7%94%A8%E9%A2%84%E6%B5%8B%E6%89%A7%E8%A1%8C%E4%B8%8E%E7%BC%93%E5%AD%98%E4%BE%A7%E4%BF%A1%E9%81%93%E7%9A%84%E6%94%BB%E5%87%BB%E5%8E%9F%E7%90%86/ Sat, 20 Sep 2025 05:10:09 +0800 https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E8%A7%A3%E6%9E%90%E5%B9%BD%E7%81%B5%E6%BC%8F%E6%B4%9Espectrev1%E4%B8%8Ev2%E5%88%A9%E7%94%A8%E9%A2%84%E6%B5%8B%E6%89%A7%E8%A1%8C%E4%B8%8E%E7%BC%93%E5%AD%98%E4%BE%A7%E4%BF%A1%E9%81%93%E7%9A%84%E6%94%BB%E5%87%BB%E5%8E%9F%E7%90%86/ <h1 id="幽灵漏洞spectre变体1与变体2技术解析">幽灵漏洞（Spectre）变体1与变体2技术解析</h1> <h2 id="spectre变体1">Spectre（变体1）</h2> <p>幽灵漏洞变体1允许程序读取其本无权访问的内存。Spectre V1攻击之所以可行，是因为分支预测和预测执行两种优化的结合。攻击通过欺骗条件分支预测器跳过安全检查，在错误上下文中预测执行指令，再通过缓存计时侧信道观察这些指令的效果。</p> https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E4%B8%8A%E7%AF%87%E5%A4%84%E7%90%86%E5%99%A8%E8%AE%BE%E8%AE%A1%E7%BC%BA%E9%99%B7%E4%B8%8E%E5%86%85%E6%A0%B8%E5%86%85%E5%AD%98%E7%AA%83%E5%8F%96/ Sat, 20 Sep 2025 00:33:38 +0800 https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E4%B8%8A%E7%AF%87%E5%A4%84%E7%90%86%E5%99%A8%E8%AE%BE%E8%AE%A1%E7%BC%BA%E9%99%B7%E4%B8%8E%E5%86%85%E6%A0%B8%E5%86%85%E5%AD%98%E7%AA%83%E5%8F%96/ <h1 id="meltdown与spectre可访问性概述上篇">Meltdown与Spectre可访问性概述（上篇）</h1> <p><em>Artem Dinaburg | 2018年1月30日</em><br> <em>编译器, 漏洞利用</em></p> <p>过去几周，现代处理器中两个关键设计缺陷的细节终于向公众披露。虽然关于Meltdown和Spectre影响的讨论很多，但关于攻击原理和运作机制的详细说明却很少。本文试图以通俗的方式填补这一空白。</p> https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E4%B8%8A%E7%AF%87%E8%AE%A1%E7%AE%97%E6%9C%BA%E6%9E%B6%E6%9E%84%E6%BC%8F%E6%B4%9E%E7%9A%84%E9%9A%90%E7%A7%98%E5%88%A9%E7%94%A8/ Fri, 19 Sep 2025 20:54:06 +0800 https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E4%B8%8A%E7%AF%87%E8%AE%A1%E7%AE%97%E6%9C%BA%E6%9E%B6%E6%9E%84%E6%BC%8F%E6%B4%9E%E7%9A%84%E9%9A%90%E7%A7%98%E5%88%A9%E7%94%A8/ <h1 id="meltdown与spectre可访问性概述上篇">Meltdown与Spectre可访问性概述（上篇）</h1> <p>在过去几周，现代处理器中两个关键设计缺陷的细节终于向公众披露。关于Meltdown和Spectre的影响已有大量讨论，但关于这些攻击原理及运作方式的详细说明却很少。本文将尽力弥补这一空白。</p> https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E7%AC%AC%E4%B8%80%E9%83%A8%E5%88%86/ Fri, 05 Sep 2025 15:18:47 +0800 https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E7%AC%AC%E4%B8%80%E9%83%A8%E5%88%86/ <h1 id="meltdown与spectre可访问性概述第一部分">Meltdown与Spectre可访问性概述（第一部分）</h1> <p>在过去几周，现代处理器中两个关键设计缺陷的细节终于向公众披露。虽然关于Meltdown和Spectre影响的讨论很多，但关于这些攻击究竟是什么以及如何运作的详细说明却很少。我们将尽力弥补这一空白。</p> https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E7%AC%AC%E4%B8%80%E9%83%A8%E5%88%86/ Fri, 05 Sep 2025 06:39:45 +0800 https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E6%B5%85%E5%87%BA%E8%A7%A3%E6%9E%90meltdown%E4%B8%8Espectre%E6%BC%8F%E6%B4%9E%E7%AC%AC%E4%B8%80%E9%83%A8%E5%88%86/ <h1 id="meltdown与spectre可访问性概述第一部分">Meltdown与Spectre可访问性概述（第一部分）</h1> <p>在过去几周，现代处理器中两个关键设计缺陷的细节终于向公众披露。虽然关于Meltdown和Spectre影响的讨论很多，但关于这些攻击究竟是什么以及如何运作的详细说明却很少。我们将尽力弥补这一空白。</p>