Why the Raspberry Pi's immune to the Meltdown and Spectre bugs

The tiny $35 microcomputer is your safest bet to avoid the crippling chip flaws

While the Meltdown and Spectre CPU flaws have caused widespread security issues for expensive, high-end computers using Intel, ARM and AMD chips, there's one processor that remains blissfully unaffected - the humble Raspberry Pi.

The $35 microcomputer (as well as all of its variants) is not vulnerable to the recently discovered bugsbecause the CPU it uses does not utilise out-of-order processing, the Raspberry Pi Foundation revealed last Friday.

Meltdown and Spectre allow attackers to read data from locations in a chip system kernel's address space and current address space respectively, exploiting flaws in the way CPUs employ caching and speculative execution.

"Modern processors go to great lengths to preserve the abstraction that they are in-order scalar machines that access memory directly," Raspberry Pi founder Eben Upton explained in a blog post, "while in fact using a host of techniques including caching, instruction reordering, and speculation to deliver much higher performance than a simple processor could hope to achieve."

Advertisement
Advertisement - Article continues below

"Meltdown and Spectre are examples of what happens when we reason about security in the context of that abstraction, and then encounter minor discrepancies between the abstraction and reality. The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort."

So while your top-of-the-range work device might be vulnerable to hackers, your garage Pi project remains happily safe from the threat.

Researchers have noted that while newer and more powerful machines are rendered vulnerable by this bug, older 'obsolete' machines remain secure. As an experiment, engineer and NUS School of Computing graduate Yeo Kheng Meng managed to get a modern Linux distro running on a 25-year-old IBM PC from 1993 - an x86 machine that isn't vulnerable to Meltdown or Spectre due to the fact that it doesn't support out-of-order processing.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/open-source/34540/view-from-the-airport-linux-open-networking-summit-2019
open source

View from the airport: Linux Open Networking Summit 2019

1 Oct 2019
Visit/software/28109/what-is-open-source
Software

What is open source?

13 Sep 2019
Visit/operating-systems/28025/best-linux-distros-2019-the-finest-open-source-operating-systems-around
operating systems

Best Linux distros 2019

18 Jun 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019