Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

Solarquest

Countermeasures to protect apps from attack

Analysis Intel has borne the brunt of the damage from the revelation of two novel attack techniques, dubbed Meltdown and Spectre, that affect the majority of modern CPUs in various ways.

The chipmaker's stock price is down, and it's being eyed for possible securities litigation, following reports CEO Brian Krzanich sold the bulk of his Intel shares after the biz had been made aware of the flaws.

In its defense, Intel has said other chip designers are also affected. While the Meltdown vulnerability, a side-channel attack that allows user applications to read kernel memory, is known to affect Intel processors (and the Arm Cortex-A75 that is yet to ship), the other vulnerability, Spectre, has been demonstrated on Intel Ivy Bridge, Haswell and Skylake processors, AMD Ryzen CPUs, and several ARM-based Samsung and Qualcomm system-on-chips used in mobile phones.

But Spectre will be harder to mitigate than Meltdown because the most effective fix is redesigned computing hardware.

"We are currently not aware of effective countermeasures that will eliminate the root cause of Spectre, short of hardware redesign," said Daniel Genkin, one of the authors of the Spectre research paper and postdoctoral fellow in computer science in the University of Pennsylvania and the University of Maryland, in the US, in an email to The Register.

CERT in its January 3 vulnerability note for one of the two Spectre CVEs said the solution is to replace CPU hardware, noting: "Underlying vulnerability is caused by CPU architecture design choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware." That passage was deleted from a subsequent revision of the vulnerability notification.

Coincidentally, Intel on Thursday declared it has developed and is in the process of issuing patches to its manufacturing partners that render its hardware "immune from both exploits" – meaning both Meltdown and Spectre.

Bullshit. While it has Meltdown covered, Chipzilla only has half of Spectre in its sights. The patches and firmware available now for Intel processors are:

  • Operating system updates for Linux, Windows and macOS, that separate kernel and user spaces, and kill the Meltdown vulnerability. On Linux, this fix is known as Kernel Page Table Isolation, aka KPTI.
  • On pre-Skylake CPUs, kernel countermeasures – and on Skylake and later, a combination of microcode updates and kernel countermeasures known as Indirect Branch Restricted Speculation, aka IBRS – to kill Spectre Variant 2 attacks that steal data from kernels and hypervisors.
  • That leaves Spectre Variant 1 attacks, in which rogue software can spy on applications, unpatched. It's a good thing this variant is difficult to exploit in practice.

Intel is in denial. It insisted the vulnerabilities identified do not reflect flaws in its chips. "These new exploits leverage data about the proper operation of processing techniques common to modern computing platforms, potentially compromising security even though a system is operating exactly as it is designed to," the company said.

Thus, we're asked to believe that Intel and its peers are racing to fix products that are in perfect working order and functioning as designed, even as the security researchers who developed these attacks contend hardware will need to be redesigned to cover all bases.

For what it's worth, Intel and AMD CPUs, and selected Arm cores, are vulnerable to Spectre Variant 1 attacks. Intel and said Arm cores are vulnerable to Spectre Variant 2. Only Intel CPUs and one Arm core – the yet-to-ship Cortex-A75 – are vulnerable to Meltdown.

Oh, and Apple's Arm-compatible CPUs are affected by Meltdown and Spectre, too, but we'll get to that later.


....
.....
.....
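Added illustration, not part of the article or of either post: the bulleted list above says Variant 1 has no patch, and the reason is that Variant 1 is the shape of an ordinary bounds-checked lookup, so the mitigation has to be applied per lookup in software. The hardened form below uses the arithmetic index-masking pattern in the style of the Linux kernel's array_index_nospec() helper (the function and table names are my own), shown beside the unmitigated shape.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Branchless mask in the style of the Linux kernel's generic
 * array_index_mask_nospec(): all ones when idx < size, zero otherwise.
 * In range, idx and (size - idx - 1) both have a clear top bit, so the
 * complement of their OR is negative and the arithmetic shift smears the
 * sign bit across the word; out of range the subtraction wraps and the
 * result is zero. Assumes two's complement and arithmetic right shift of
 * signed values (gcc/clang); the kernel's x86 version uses cmp/sbb in asm
 * so the compiler cannot turn the mask back into a branch. */
static inline size_t index_mask_nospec(size_t idx, size_t size)
{
    return (size_t)(~(intptr_t)(idx | (size - idx - 1))
                    >> (sizeof(size_t) * 8 - 1));
}

/* Clamp idx to [0, size) without a conditional branch: idx in range, else 0. */
static inline size_t index_nospec(size_t idx, size_t size)
{
    return idx & index_mask_nospec(idx, size);
}

#define TABLE_SIZE 8
static const uint8_t table[TABLE_SIZE] = {10, 20, 30, 40, 50, 60, 70, 80};

/* Variant 1 shape: a bounds check guarding an array access with a
 * caller-controlled index. Architecturally correct, yet the CPU may issue
 * the load speculatively before the comparison resolves. */
uint8_t lookup_unmitigated(size_t idx)
{
    return idx < TABLE_SIZE ? table[idx] : 0;
}

/* Hardened form: after the check, clamp the index arithmetically so the
 * speculative path also stays inside the table. Same architectural result,
 * so both functions agree on every input. */
uint8_t lookup_mitigated(size_t idx)
{
    return idx < TABLE_SIZE ? table[index_nospec(idx, TABLE_SIZE)] : 0;
}

int main(void)
{
    printf("mask(3,8)=%zx mask(8,8)=%zx lookup(5)=%u lookup(99)=%u\n",
           index_mask_nospec(3, 8), index_mask_nospec(8, 8),
           lookup_mitigated(5), lookup_mitigated(99));
    return 0;
}
```

A test can only confirm the two lookups agree architecturally; whether the speculative path is actually closed depends on the compiler keeping the mask branch-free, which is why the kernel pins it with inline assembly.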

ForgottenSeer 58943

Great post and summary bro!

I spoke with a chipset engineer on one of the private Facebook groups I am on. He said Intel is in full damage control and has legions of lawyers issuing these statements rather than engineers, who they have locked away right now. He said it likely will never be fully solved by Intel. But he brought up a good point I wanted to share. He said if this was any other product there would have been a recall by now. Whether that is peanut butter or a car, it would have been recalled. Intel's sole objective in this isn't to 'fix' an issue they already know they cannot fix, but to avoid some sort of widespread recall.

With that being said, ARM is in a better position because of their regular redesigns, which are extensive, so they are unlikely to carry design flaws from gen to gen. Their existing V1 A75 vuln will likely be pulled by ARM because it's not in the supply chain yet. I have a lot of confidence in ARM, more so than Intel. Remember, a LOT of the defense industry uses ARM too, so there will likely be some priority with them - we're talking weapon system embedded ARM-based OS and other sensitive areas.