Explain Like I’m 5 — Why are AMD processors not, or less, vulnerable to Meltdown and Spectre?


All these answers are abstruse and complex. Can someone please explain like I’m 5 by relying on, but varietizing, u/zoox101’s excellent analogy? I copy and paste it here with some trifling corrections and modifications, like differently gendering the librarian and the diary’s owner to avoid confusing pronouns.


At its heart, your computer works just like a library. It’s constantly reading and moving information just like students read and move books. And just like any good library, your computer has a friendly librarian: Ms Kernel.

Whenever you go to check out a book, you give Ms Kernel the title and she goes to fetch it for you. However, this library may contain some pretty secret stuff, so Ms Kernel always checks to make sure you’ve got permission to read the book you’re requesting.

Back in the old days, Ms. Kernel had to do all the work herself, and it was painfully slow. Recently computers are better designed, and can do multiple operations at once, meaning that Ms. Kernel now has a bunch of assistants helping her. This is great for the library, because now it can handle more people than ever before! However, it also creates a weakness that was only just discovered. Here’s how the weakness works.

You, a mischievous ne’er do well, want to read your rival Ed’s diary, which he keeps in the library. However, Ed hasn’t shared his diary with you, so Ms Kernel won’t let you check it out. So you decide to do something rather clever…Rather than asking for the diary directly, you ask Ms. Kernel to fetch two things:

  1. Ed’s diary

  2. a book where the first word in the title is the first word in Ed’s diary.

Back in the old days, this wouldn’t have been a problem. The first thing Ms. Kernel would have done, was to ask Ed if you could read her diary. When Ed said no, Ms. Kernel would’ve stopped.

However the assistants complicate things. To save time, Ms Kernel asks one assistant to ask Ed for permission, while the other goes to find the two books you requested. When the first assistant tells Ms Kernel that Ed said no, the second one gives Ms K the books which Ms. K sets on her desk.

Ms. Kernel tells you that you can’t have the books. However, because they’re sitting on the desk, you can read the titles. The first one’s called "Ed’s Diary" and the second one’s called "The Cat in the Hat". Because you requested a book whose title that begins with the same word as the first word in Ed’s diary, you know that the first word in the diary must be "The".

If you wanted to, you could repeat this process for every word in the diary, until you could read the whole diary.

This exploit endangers all libraries because it works in every library that has assistant librarians, which covers just about every modern processor out there. The only real panacea is to force the assistants to run the check before fetching the books, which will slow down the library as a whole. The biggest vulnerability is that the parallel processing (assistants) is leaving the cache (desk) in a different state than they found it, even though the permission check failed.

Thankfully, no known malware exploits this bug, but the safest thing to do is to update your devices as soon as a fix is released, to prevent them from being infiltrated in the future. The performance shouldn’t slow down most personal devices (small library, few assistants), but will decrease performance on larger machines (i.e. university supercomputers).