Why the Raspberry Pi's immune to the Meltdown and Spectre bugs

The tiny $35 microcomputer is your safest bet to avoid the crippling chip flaws

While the Meltdown and Spectre CPU flaws have caused widespread security issues for expensive, high-end computers using Intel, ARM and AMD chips, there's one processor that remains blissfully unaffected - the humble Raspberry Pi.

The $35 microcomputer (as well as all of its variants) is not vulnerable to the recently discovered bugsbecause the CPU it uses does not utilise out-of-order processing, the Raspberry Pi Foundation revealed last Friday.

Meltdown and Spectre allow attackers to read data from locations in a chip system kernel's address space and current address space respectively, exploiting flaws in the way CPUs employ caching and speculative execution.

Advertisement - Article continues below

"Modern processors go to great lengths to preserve the abstraction that they are in-order scalar machines that access memory directly," Raspberry Pi founder Eben Upton explained in a blog post, "while in fact using a host of techniques including caching, instruction reordering, and speculation to deliver much higher performance than a simple processor could hope to achieve."

"Meltdown and Spectre are examples of what happens when we reason about security in the context of that abstraction, and then encounter minor discrepancies between the abstraction and reality. The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort."

Advertisement
Advertisement - Article continues below

So while your top-of-the-range work device might be vulnerable to hackers, your garage Pi project remains happily safe from the threat.

Researchers have noted that while newer and more powerful machines are rendered vulnerable by this bug, older 'obsolete' machines remain secure. As an experiment, engineer and NUS School of Computing graduate Yeo Kheng Meng managed to get a modern Linux distro running on a 25-year-old IBM PC from 1993 - an x86 machine that isn't vulnerable to Meltdown or Spectre due to the fact that it doesn't support out-of-order processing.

Advertisement

Recommended

Visit/security/cyber-security/355210/cyber-criminals-torn-over-how-to-adapt-to-post-coronavirus-threat
cyber security

Hackers torn over how to adapt their tactics to the coronavirus pandemic

3 Apr 2020
Visit/software/linux/355168/wireguard-vpn-bundled-into-latest-linux-release
Linux

WireGuard VPN bundled into latest Linux release

31 Mar 2020
Visit/software/28109/what-is-open-source
Software

What is open source?

30 Jan 2020
Visit/operating-systems/28025/best-linux-distros-2019-the-finest-open-source-operating-systems-around
operating systems

Best Linux distros 2019

24 Dec 2019

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020