Meltdown and Spectre

The dawn of 2018, unveiled to the world two new forms of security vulnerabilities which exploit the fundamental features of the modern microprocessors that power almost all of our gadgets. ‘Meltdown’ and ‘Spectre’ do not just exploit bugs but a process which is supposed to be carried out by the processor for the efficient use of a gadget. One of the independent research groups that reported this flaw to Intel consisted of Moritz Lipp, Daniel Gruss and Michael Schwarz, who tested their theoretical attacks and found out that they access information from the most protected part a computer’s OS known as the kernel.

“The idea of a fundamental vulnerability in CPUs is something that is probably one of the scariest things you can ever imagine, because how vulnerable that can make so many systems” – Shuman Ghosemajumder, CTO of Shape Security

Meltdown and Spectre: A brief

Meltdown attacks the kernel memory to retrieve data by unprivileged access whereas Spectre extracts information from browsers such as login credentials. Meltdown exploits the crevices between user apps and the OS and thus indirectly the core of the system. Spectre, on the other hand, breaks the isolation between different user applications. Both of these attacks affect Intel and ARM processors to some extent. The difference here is that AMD processors are not affected by Meltdown.

How do Meltdown and Spectre exploit the functioning of a processor

To comprehend the working of this threat, we first need to understand the concept of Speculative Execution. This is a technique used by the processors to optimize performance by queueing up instructions which are predicted based on the tasks which are performed in a sequential order. Therefore, the processor executes the next bit of code waiting for the user to execute the same set of instructions like it normally does. This increases the speed of execution of the tasks and thus optimizes the performance of the gadget. But there is also the chance that the processor guesses wrong and the user gives a different set of commands. What happens to the extra lines of code executed beforehand? This ‘speculative’ code is then tracked back but in this process, there are remnants of data that should not have been fetched by the cache.

This may contain very sensitive data such as passwords or account information and this is where Meltdown and Spectre come in. These two vulnerabilities can be flexibly used in a way to trick processors to perform the speculative execution and release information that is inherently stored in the protected areas of the kernel.

Protection against Meltdown and Spectre

The research against these type of vulnerabilities is still in its infant stages. Although patches against these threats have been sent to different systems via software updates, these come with its fair share of cons. These updates have been reported to affect the gadgets’ performance, sometimes significantly. This not only affects the operating systems but also cloud interfaces. Spectre patches prove the most difficult to inculcate in the systems and even after the application of these patches, there seems to be the hovering question of fixing or finding the alternative for Speculative Execution.

Brian Krzanich, CEO of Intel

Attacks identical to Meltdown and Spectre are predicted to surface for next several years and the research to protect computers and stop these threats further could possibly revolutionize the basic fabrics of operating systems and cloud computing. But as of now, this is still probably the largest security scare in history, a 20-year-old chip-flaw which is just being reported. Therefore, one could fathom the degree of misuse and breaches that could have been possible all these years. No wonder Brian Krzanich, the CEO of Intel sold a substantial amount of stock in the November of 2017 post learning about the bug.

Comments are closed.