What you need to know about Meltdown and Spectre CPU exploits

2018 started off badly for AMD, ARM and Intel (mostly Intel). Researchers revealed earlier this week that all CPUs manufactured over the past 20 years are vulnerable to hardware-based exploits that are not easy to fix, especially without a significant performance penalty. Initially, only one exploit was reported, based on Intel’s CPU architecture and its ability to execute instructions speculatively, that is, essentially out of order. Speculative execution greatly helps the performance of modern CPUs and is a fundamental part of CPU design.

Unfortunately, two major attacks based on these basic CPU design principles have been exposed, one much more serious than the other: Meltdown and Spectre. Here’s everything you need to know.

What are Meltdown and Spectre?

Fundamentally, both exploits use some similar core concepts. All modern processors use a variety of features and techniques, including out-of-order execution (OOOE), branch prediction, and speculative execution, to improve performance. However, all of these have the potential to execute code that shouldn’t be allowed to run. The hardware guarantees that the final result is correct by discarding any results from code that shouldn’t have run. The problem is that OOOE and speculative execution have side effects: they can change the cache state, and a cache attack can then be used to recover the “secret” (data from RAM) from the cache.

What is Meltdown?

Meltdown, an exploit that has affected Intel CPUs since at least 2011, uses out-of-order execution to alter the CPU’s cache state, which is then used to dump memory contents that are normally inaccessible. It can also affect many other CPUs, basically any CPU that uses OOOE, including all Intel CPUs going back to the original Pentium Pro (excluding Itanium and Atom before 2013), and AMD CPUs from a similar time period. While the current full implementation of Meltdown does not work on AMD and ARM CPUs, there are indications that further code modification could allow similar attacks to run on AMD and ARM processors. The KPTI (and similar) patches that have been deployed for Windows, OS X, and Linux have largely mitigated this problem, although some less critical issues remain.

It’s important to note that many of these vulnerabilities aren’t actually new. From the white paper, “The fact that hardware optimizations can change the state of microarchitectural elements, compromising secure software implementations, has been known for over 20 years. To date, industry and science have considered it a necessary drawback for efficient computing.” What has changed is that Meltdown is an effective attack vector on many Intel CPUs. The good news is that all major operating systems should already be patched to mitigate the problem.

What is Spectre?

Spectre uses the processor’s speculative execution capabilities and branch prediction, combined with methods similar to those in Meltdown (e.g., cache attacks like Evict+Time), to read secrets from the process’s memory. The attack involves training a branch predictor to take a path and then, after many iterations, using branch mispredictions to speculatively execute code that should not be run. In some cases, up to nearly 200 instructions can be run. Spectre can affect processors from AMD, ARM, Intel, and others (theoretically any processor that uses branch prediction, which is basically all modern processors), but the attack would have to be tailored to the hardware in some way, which makes it more difficult to implement.

It’s also more difficult to defend against Spectre. As the white paper states, “More broadly, there is a trade-off between security and performance. The vulnerabilities in this paper, and many others, stem from the technology industry’s longstanding focus on maximizing performance. As a result, processors, compilers, device drivers, operating systems, and many other critical components have evolved into layers of complex optimizations that introduce security risks. As the cost of insecurity rises, these design choices need to be revisited, and in many cases, alternative implementations optimized for security will be required.”

In other words, making our processors faster comes at the expense of safety, and the only real solution may be to slow things down.

When Intel says “it’s not a bug” it really means “please don’t make us recall millions of faulty processors” pic.twitter.com/NPU3WSEjSI (January 4, 2018)

Will Meltdown and Spectre affect my home computer?

Put simply, Meltdown and Spectre don’t really affect your PC the way a random virus does. With thousands of viruses circulating at any given time, if you’ve practiced secure computing, you shouldn’t be affected by any attempts to exploit the Meltdown and Spectre vulnerabilities. If you have a virus on your home PC, it’s already compromised, and Meltdown and Spectre don’t really make the risk worse.

The main issue revolves around a fix that reportedly causes significant slowdowns for certain high I/O tasks. Games are generally more GPU bound than CPU bound, and make few or no direct kernel calls, so even if the fix affects you, the performance hit may be small and insignificant. Initial benchmarks using Linux and Windows showed little (less than 3%) performance variation for common tasks, with data compression (e.g., 7-zip) being one of the most seriously affected. Gaming benchmarks showed no difference.

The stakes are even greater for anyone using cloud services. Take Meltdown, for example, which is able to read all memory contents on a system from a virtual machine (VM) without breaking any security protocols. But unless you’re running a server farm at home and your tenants might try to steal data from other tenants, you should be fine.

Will Meltdown and Spectre affect game services?

Any company that has full control of its hardware should be relatively safe from attack. So, for example, if all of Steam’s servers run only the Steam virtual machine, the risk is minimal. The same goes for any other provider. The main focus is on services that rent or lease time on servers that may be running other company processes.

Which companies are most vulnerable to Meltdown and Spectre?

Any company offering or using cloud hosting services should patch against these attacks as soon as possible. This includes large providers such as Amazon AWS, Google Cloud Platform, Microsoft Azure, etc. Any server running virtual machines from multiple users may have data leaking from one virtual machine to another if it is not patched. This is especially problematic for small hosting services that sometimes run hundreds of small websites through containers, and fixes can be very expensive for such providers.

You may have heard of @Intel’s horrible #Meltdown bug. But have you seen it in action? Don’t click “Not Now” when your computer asks you to apply the update this month. (via https://t.co/J84n79LRIA and @misc0110) pic.twitter.com/cWEiZWZdcJ (January 4, 2018)

What can I do?

The main concern is the websites and services you use – how secure are they, and are they taking steps to protect your data? Unfortunately, answers to these questions may not always be immediately available. For home PCs and laptops, you should update with the latest security patches for Windows, macOS, and Linux. For most of our readers, Windows is the primary operating system, and there are patches for Windows 10, Windows 8.1, and Windows 7.

Windows 10 users should check for update KB4056892 and install it. However, official government advisors point out that updating the operating system is not enough: low-level firmware (BIOS and CPU microcode) updates are also required.

Intel has worked with partners to provide software patches and firmware updates for most of its latest processors, but in the case of firmware, it will be up to the system vendor or motherboard manufacturer to provide the necessary fixes. Intel said the updates “make these systems immune to both attacks [Meltdown and Spectre],” though these fixes only apply to most processors made within the past five years. If you have an older system, you may be vulnerable.
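On Linux, the kernel itself reports whether the OS patch and the microcode-provided controls are in effect. The following is an added example, not part of the original article; it assumes a kernel that exposes the `/sys/devices/system/cpu/vulnerabilities` directory (Linux 4.15 or a distribution backport), which the article does not mention.

```python
from pathlib import Path

# Assumption of this example: the sysfs directory where Linux reports per-issue status.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
ISSUES = ("meltdown", "spectre_v1", "spectre_v2")


def classify(text):
    """Map one sysfs status line to a (state, detail) pair."""
    line = text.strip()
    if line == "Not affected":
        return ("not_affected", "")
    if line.startswith("Mitigation:"):
        return ("mitigated", line.split(":", 1)[1].strip())
    if line.startswith("Vulnerable"):
        return ("vulnerable", line.partition(":")[2].strip())
    return ("unknown", line)


def audit(base=SYSFS_DIR):
    """Return {issue: (state, detail)} for Meltdown and both Spectre variants."""
    report = {}
    for issue in ISSUES:
        try:
            report[issue] = classify((Path(base) / issue).read_text())
        except OSError:
            # No file: the running kernel predates the patches that report status.
            report[issue] = ("unreported", "kernel does not report this issue")
    return report


def needs_action(report):
    """Issues that still call for an OS, BIOS or microcode update."""
    return sorted(i for i, (state, _) in report.items()
                  if state not in ("mitigated", "not_affected"))


def uses_microcode_controls(report):
    """True if the Spectre v2 mitigation lists IBRS/IBPB (microcode-delivered on older CPUs)."""
    state, detail = report.get("spectre_v2", ("unreported", ""))
    return state == "mitigated" and any(t in detail for t in ("IBRS", "IBPB"))


if __name__ == "__main__":
    result = audit()
    for issue, (state, detail) in result.items():
        print(f"{issue:11} {state:13} {detail}")
    print("microcode controls in use:", uses_microcode_controls(result))
    raise SystemExit(1 if needs_action(result) else 0)
```

A Spectre v2 line that shows only a retpoline mitigation means the OS patch is active but the firmware-provided controls are not, which is the gap the advisors' warning refers to.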

If you have an AMD chip, you can (for now) smile.

Will Meltdown and Spectre affect AMD CPUs?

AMD claims that its CPU architecture is immune to attack, although this claim may be premature. Since there are different variants of the exploit, the current analysis only shows that AMD CPUs are safe against the current version of Meltdown, which focuses on Intel’s architecture. The Meltdown paper has the following statement:

“We also tried to reproduce the Meltdown bug on multiple ARM and AMD CPUs. However, we were unsuccessful in leaking kernel memory via the attack described in Section 5, either on ARM or AMD. The reason for this could be multifaceted. First, our implementation might just be too slow and a more optimized version might succeed. For example, a shallower out-of-order execution pipeline might predispose race conditions to prevent data leaks. Likewise, if the processor lacks certain features, for example, a reorder buffer, our current implementation may not be able to leak data. However, for ARM and AMD, the toy example described in Section 3 works reliably, showing that out-of-order execution typically occurs and that instructions past illegal memory accesses are also executed.”

So far, AMD processors haven’t been affected by Meltdown, but they’re not immune to Spectre, which uses a wider range of speculative execution. Spectre affects CPUs from AMD, ARM, and Intel, and in some ways the cure may be worse than the disease, depending on how much the fixes affect performance.

Will having antivirus software help protect me from Meltdown and Spectre?

Yes and no. Antivirus vendors are updating their products to look for viruses exploiting the Meltdown and Spectre vulnerabilities. So if you have an updated antivirus (the Windows Defender built into Windows counts), you can rest a little easier knowing your PC is safer.

However, antivirus is only local protection. Meltdown and Spectre do the most damage to the big companies that provide the services you probably use every day: banking, streaming services, e-commerce, gaming, and more. If this sounds like everything to you, it is. Microsoft, Google, Amazon, and others are all scrambling to implement the Meltdown fix, but Spectre will require more analysis.

The best thing to do now is to make sure Windows is updated. Google also said it will release a new version of Chrome on January 23 to stop Meltdown. Intel is working on patching its CPU lineup with microcode updates, which you may receive from motherboard vendors.

What to expect

This is obviously not the last time we’ll hear of such an attack or exploit, and if anything, we’ve learned not to speculate on what might happen in the future. It’s worth pointing out that some of the techniques used in Meltdown and Spectre (e.g., side-channel cache attacks) are not really new, and the performance benefits often outweigh the potential security risks. Unfortunately, burying our heads in the sand and hoping no one will do anything bad with a security hole is not an acceptable approach, and now that the cat is out of the bag, you’ll need to be extra vigilant about passwords and other sensitive information.

Wilbert Wood
Games, music, TV shows, movies and everything else.