Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws

secwatcher writes: There was a lot more to the name game behind choosing titles for ZombieLoad, Spectre and Meltdown than picking cool and edgy attack titles. If you have ever wondered why they were named what they were, Threatpost tracked down one of the researchers behind the naming convention (and discovery) and found out. Much like the funky titles of advanced persistent threat groups, these speculative execution attacks, which impact Intel CPUs, are often named to reflect the impact behind the vulnerabilities, their attributes and how the attack processes work. "We always try to come up with names that somehow resemble the nature of the attack," Daniel Gruss, a security researcher from the Graz University of Technology and one of the founders of the ZombieLoad flaw, told Threatpost in a recent podcast interview. When it comes to ZombieLoad, "the nature of the attack is also something which fits the name very well," said Gruss. That's because the attack relies on the processor sending multiple load requests out to load data (instead of loading data once), as a result of the chip carrying out processes that will work in the most optimistic, opportunistic way, said Gruss.

Spectre and Meltdown, for their part, have their own history behind their names. The idea for naming Spectre after a ghost -- also known by its logo, of a malevolent-looking ghost with a stick in its hand -- came from from Paul Kocher, one of the collaborating researchers who discovered the flaw. "The reasoning behind the name was that Spectre is ... it's not a nice spectre," Gruss told Threatpost. Meltdown, meanwhile, was so named because the vulnerability "melts security boundaries which are normally enforced by the hardware." But beyond that, unlike Spectre, the attack can be fixed and won't haunt users for years to come, said Gruss.

My nomination

[UnknowingFool]

“The Dude”. It’s a bug with unkempt hair and beard and wears a bathrobe most of the time.

Re:

[sconeu]

Well, that's just like, your opinion, man.

Naming Specter

[techno-vampire]

Specter was named after a ghost? Interesting. I'd always thought that it was named after SPECTRE [wikipedia.org]. Of course, it it had been, the spelling would have been a tad different.

Re:

[maestroX]

You're confusing Ellison with Blofeld.

Re:

[Type44Q]

Good point, poorly made.

Marketing

[phantomfive]

Ever since Heartbleed [wikipedia.org] had a fancy name and a logo, people realized they can get free publicity for their security firm by having a fancy name and a logo. So now everyone does it. That's about all.

Re:

[TeknoHog]

Also, millennials who want a catchy hashtag for everything (except IRC channels).

Spectre and branch

[fintux]

In the Spectre logo, the ghost is holding a branch. The article says: "It’s one that holds a branch in a hand ready to hit someone, so it’s really a nasty spectre". I always thought the branch also is a reference to the branch prediction that is an essential part of the vulnerability. But I couldn't actually find any proof of this.