Herbert Bos gave this talk as part of the ViSP Distinguished Lecture Series (https://visp.wien/lecture-series).

Abstract: Unlike what we see in the movies, attacks on high-value targets are not easy. While there are still plenty of vulnerabilities in the software, exploitation is difficult due to multiple layers of protection. For instance, since data pages are no longer executable on modern systems, attackers cannot inject their own malicious code to execute and are forced to reuse snippets of code already present in the victim software instead. By stringing together such existing snippets of benign software, attackers can still create their malicious payloads. However, to do so, they need to know where all these snippets are in memory, which is made difficult by the randomized address spaces of today's software.
Researchers have shown that in some cases it is possible to attack "blind"—without knowing anything about the target software. Unfortunately for the attacker, these blind attacks induce thousands of crashes, making them applicable only in cases where (a) the software can handle crashes, and (b) nobody raises an alarm when thousands of processes crash. Such cases are rare. In particular, they do not apply to truly high-value targets such as the Linux kernel, where even a single crash is fatal.
If software exploitation is difficult, what about hardware attacks such as Spectre? Here also, exploitation is really tough due to powerful mitigations in hardware and software. In the case of the Linux kernel developers have gone through the kernel code with a fine comb, to eliminate the known Spectre "gadgets" and neutralize possible attacks.
However, even if traditional software exploitation and speculative execution attacks are difficult, I will show that we can combine them and create very powerful blind attacks still, even on the Linux kernel. In particular, the software vulnerabilities make Spectre attacks possible in code that we previously considered safe. In return, speculative execution makes it possible for an attacker to probe blindly in the victim's address space without ever crashing.
Such a symbiotic combination of attack vectors make the development of mitigation much harder: we can no longer limit ourselves to the threat of, say, memory errors or speculative execution, but have to consider interesting combinations also.