542
Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix
(arstechnica.com)
This is a most excellent place for technology news and articles.
ELI5 how this works?
A CPU performs operations like "read a small bit of thing from the memory into the CPU" and "do a small bit of computation on things inside the CPU" and "put a small bit of thing from the CPU into the memory".
Doing small bits of computation on things inside the CPU is very fast but moving bits of things from or to the memory is slow in comparison. In order to not be slowed down, CPUs read the code ahead of what is currently being executed, and try to guess what is going to happen and what will need to be moved from the memory into the CPU, so they can do it ahead of time, and have the small bit of thing from the memory already available right there in the CPU when it's time to do a bit of computation on it. That way, there is no need to wait on slow memory, and the CPU runs much faster overall. That's a good thing.
In this case, a researcher found a way to make certain CPUs guess what is going to happen with the code wrong, in such a way that the small bits of things that were read from the memory ahead of time do not get properly cleaned up, and can still be found inside the CPU by another program. Those small bits of things might be your password or banking details, so that's bad.