One of the key aspects of the most recent Intel processor launch, its Core 9th Generation processors, is that the new design affords some hardware-based protection for a couple of the Spectre and Meltdown family of security vulnerabilities. When these vulnerabilities were first discovered, they were patched using a combination of software and firmware, which unfortunately led to some performance regressions over an unpatched processor. The ultimate goal is for a hardware patch, which is always enabled, that loses zero performance – we’re testing out what the new patches have for us today.

A Recap: Spectre and Meltdown

At the start of 2018, it was announced that two new architecture-based attack vectors had been discovered in modern computer processors. These vectors are based in what are called side-channel attacks: the ability to probe or infer what something else on the processor is doing without actually seeing the workload or its data. But more fundamentally than that, the reason these attacks can occur is down to how the processor is designed. Side-channel attacks on processor speculation, for example, can expose data that wasn’t even intended to be accessed by the program in the first place. And other side-channel attacks can break through memory permission barriers between software like a Buick through a barn.

Because security is the number one factor in all modern day computing (and unfortunately in some cases, an afterthought), this became a serious potential problem quite quickly. The specific vulnerabilities have so far mostly fallen under two broad headings which are now synonymous with these attacks: Spectre and Meltdown. For completeness, there are similar attacks that don’t fall under these headings, but side-channel security is still at the heart of what is being broken.

All vulnerable processor makers were told about these attack vectors around six months before the public, in what is known in the industry as responsible disclosure – find a vulnerability, inform the vulnerable parties, and give them sufficient time to fix the issue before going public, in order to prevent any nefarious individuals exploiting it (and creating what is called a 0-day). In that time, the known attacks were analysed and software-related patches were built. For example, over the course of 2018, Intel started with its newest and high-priority platforms first, and slowly worked its way back through its product catalogue. Other companies had executed similar plans, however Intel has by far been the most high profile of them all.

One big issue surrounding these attacks is unsecured embedded systems running high-performance processors – those that are deployed in the field and can be easily compromised. This is beyond the scope of this article, but it’s important to understand how many devices might still be vulnerable in ten years.

How To Fix Spectre and Meltdown: Security

Since the disclosure of these new attack vectors, new vulnerabilities similar to them have been discovered but follow in the same vein. In order to protect against these issues, one extreme answer is a full top-to-bottom redesign of how modern computer processors are designed. This is a massive undertaking, so in the end we have a sliding scale of security patches.