Spectre and Meltdown

Valorous morrow to thee all!

Spectre and Meltdown

When you hear about vulnerabilities, all of them are software related. However, we recently had one of the first hardware vulnerabilities in history. Named Spectre and Meltdown, these are two vulnerabilities that alter how the operating systems handle memory. Apparently, the Linux and Microsoft kernel developers discovered a security flaw that allows Spectre and Meltdown to take advantage of the processor and thus gain access to information stored on your computer.

The way these work is very simple. They take advantage that the processors are executing instructions speculatively. Basically, once the processor executes instructions, it will load data into the cache even if it’s determined afterward that data wasn’t required in the first place. That data, as well as other types of data structured in the processor can easily be probed and measured by these security issues.

What is Meltdown?

At its core, Meltdown is the major security issue here. Basically, any part of the kernel memory can be read by user programs, and any piece of software designed by a hacker would be able to access the processor and take advantage of it. Meltdown works by removing the shared kernel mapping.

Once the shared kernel mapping is removed, these maleficent pieces of software will get access to the processor and all the data you use within your computer. The security fix designed for Meltdown is all about trying to fix this problem, even if it’s going to take quite a while to solve this issue to begin with. The primary concern at this time is that security fixes are already issued for Meltdown and they are going to lower the processor’s performance with up to 30% or something around those lines. Apps that are dependent on the user programs won’t really see a major difference.

But the issue will most likely be felt by the apps that call the kernel often. Simply put, all apps that have extensive use of the Windows and Linux operating systems will run slower. The difference in performance can be small or substantial. As you can imagine, this varies on a case by case basis.

What is Spectre?

Unlike Meltdown that focuses only on Intel processors, Spectre is affecting the AMD and ARM systems. Unlike the former, Spectre is a more generalized attack. It has a multitude of different speculative execution features. The idea is that such attacks can be used for leaking info directly from the kernel and into the user programs. However, this can also be used for virtualization hypervisors and so on.

All the sensitive code pieces can be modified in order to include specific serializing instructions. These will basically force the processor to wait for the memory reads and writes to be completed. Spectre and Meltdown are very challenging, but the speculative execution features make the former a bit harder to identify and also use as an attack.

What can we do to protect ourselves against Meltdown and Spectre?

Linux Distributions and most Windows OS versions will receive the necessary updates to fight the Meltdown and Spectre vulnerabilities. These patches should, however, allow the users to opt out of the update. While you can still deal with the vulnerabilities and potential attacks, you won’t have the performance loss that these updates seem to bring right now.

The most vulnerable right now are the cloud service providers, as Meltdown and Spectre can be used for virtual machine attacks and attacks against hypervisors. If you’re a regular desktop user, the security issue is far less significant. Still, some issues can appear and due to the security fixes, you can still lose some processor performance. That will most likely affect people with older processors.

When it comes to the long term, we can expect Intel to come up with an updated processor architecture that will fix this issue. It will either avoid speculation around the memory access, or it may opt for making the memory access permission check a lot faster.

So, what can you do to deal with Meltdown and Spectre? The idea is simple; you have to update your operating system as fast as possible. While the hotfix may already be downloaded by your operating system, you may be able to find it manually if you search for updates.

Moreover, you also want to update your browsers to the latest versions. Both Meltdown and Spectre vulnerabilities can be used to access browser data, but both Chrome and Firefox as well as some of the other browsers have received some much-needed updates in this regard. Make sure that you go to the browser’s About page to see the current version; most browsers will automatically start the update or at least let you know about the new update.

One thing is certain, Meltdown and Spectre both show that hardware can also be used to perform cyber attacks. While there are no known attacks at this time, it’s safe to say that these vulnerabilities are an alarm signal in regards to what can happen in the near future. We hope that both Meltdown and Spectre will disappear soon, and it’s safe to say that both Intel and AMD are working very hard in this regard!

Most wondrous regards,

Tech Kingdom – Sokeman Brigade

By Sokeman Brigade - Tech Minstrel on 29 Jan 2018 0 Categories / Tech News, Tech Security, Technology Tags: amd, cloud, cybersecurity, hardware, hosting, intel, it, kernel, linux, meltdown, security, software, spectre, tech kingdom, tech news, techkingdom, Technology, updates, windows