Why the Raspberry Pi's immune to the Meltdown and Spectre bugs

The tiny $35 microcomputer is your safest bet to avoid the crippling chip flaws

While the Meltdown and Spectre CPU flaws have caused widespread security issues for expensive, high-end computers using Intel, ARM and AMD chips, there's one processor that remains blissfully unaffected - the humble Raspberry Pi.

The $35 microcomputer (as well as all of its variants) is not vulnerable to the recently discovered bugsbecause the CPU it uses does not utilise out-of-order processing, the Raspberry Pi Foundation revealed last Friday.

Meltdown and Spectre allow attackers to read data from locations in a chip system kernel's address space and current address space respectively, exploiting flaws in the way CPUs employ caching and speculative execution.

"Modern processors go to great lengths to preserve the abstraction that they are in-order scalar machines that access memory directly," Raspberry Pi founder Eben Upton explained in a blog post, "while in fact using a host of techniques including caching, instruction reordering, and speculation to deliver much higher performance than a simple processor could hope to achieve."

"Meltdown and Spectre are examples of what happens when we reason about security in the context of that abstraction, and then encounter minor discrepancies between the abstraction and reality. The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort."

So while your top-of-the-range work device might be vulnerable to hackers, your garage Pi project remains happily safe from the threat.

Researchers have noted that while newer and more powerful machines are rendered vulnerable by this bug, older 'obsolete' machines remain secure. As an experiment, engineer and NUS School of Computing graduate Yeo Kheng Meng managed to get a modern Linux distro running on a 25-year-old IBM PC from 1993 - an x86 machine that isn't vulnerable to Meltdown or Spectre due to the fact that it doesn't support out-of-order processing.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

What is hacktivism?
hacking

What is hacktivism?

13 Oct 2020
Microsoft: Iranian hackers are exploiting ZeroLogon flaw
Security

Microsoft: Iranian hackers are exploiting ZeroLogon flaw

6 Oct 2020
The Ritz suffers data breach after hackers pose as staff
data breaches

The Ritz suffers data breach after hackers pose as staff

17 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020