Modern CPUs Likely Permanently Haunted by Spectre Security Flaws

Ever since the Spectre and Meltdown series of security flaws were disclosed, there have been questions about just how secure the modern CPUs we use can be. At the same time, the difference in which companies were exposed to which specific attacks created confusion about just how to weigh the evidence. Or, to put it bluntly — was Spectre really only a problem for Intel, with incidental exposure for other companies?
A group of Google researchers has an answer to this question, and it’s not one people are going to like. We quote:
Vulnerabilities from speculative execution are not processor bugs but are more properly considered fundamental design flaws, since they do not arise from errata. Troublingly, these fundamental design flaws were overlooked by top minds for decades. Our paper shows these leaks are not only design flaws, but are in fact foundational, at the very base of theoretical computation.

The research teams evaluated multiple ideas, including disabling speculative execution to the maximum degree possible via use of the LFENCE instruction, using timer mitigation strategies (adjusting the precision of various system timers), and the use of branchless masking, rather than relying on branch instructions to enforce what untrusted code is allowed to do. None of these solutions presents a complete fix to the problem. None of them could be counted on to provide security against all types of side-channel attacks, and even a combination of software and hardware best practices wasn’t able to guard against every type of exploit.
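As an added illustration (not code from the researchers' paper or from this article), the C sketch below contrasts a bounds check enforced only by a branch with the branchless masking approach mentioned above. The function names and the sample table are hypothetical, and in line with the researchers' findings it narrows one leak path and is not a complete fix.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data for the demonstration. */
static const uint8_t sample_table[8] = {10, 11, 12, 13, 14, 15, 16, 17};

/* All-ones when idx < size, zero otherwise, computed without a branch.
 * Valid for size <= SIZE_MAX/2 + 1: in range, neither operand of the OR
 * has its top bit set; out of range, idx itself or the wrapped
 * (size - 1 - idx) does. */
static size_t index_mask(size_t idx, size_t size)
{
    size_t out_of_range = (idx | (size - 1 - idx)) >> (sizeof(size_t) * 8 - 1);
    return out_of_range - 1;   /* 0 -> all ones, 1 -> 0 */
}

/* Branch-only check: the architectural result is correct, but the CPU may
 * predict the branch as taken and issue the load with an out-of-range idx
 * before the comparison resolves. */
static uint8_t read_branch_only(const uint8_t *table, size_t size, size_t idx)
{
    if (idx < size)
        return table[idx];
    return 0;
}

/* Same check plus masking: the index now depends on the bounds comparison
 * as data, so a mispredicted path can only load table[0].
 * Assumption: the compiler keeps the mask arithmetic as written; hardened
 * implementations add a compiler barrier or inline assembly to ensure it. */
static uint8_t read_masked(const uint8_t *table, size_t size, size_t idx)
{
    if (idx < size) {
        idx &= index_mask(idx, size);
        return table[idx];
    }
    return 0;
}

int main(void)
{
    printf("%u %u\n", read_masked(sample_table, 8, 3),
           read_masked(sample_table, 8, 200));
    return 0;
}
```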
No Easy Fixes, No Quick Solutions
According to the researchers, the black-box state of microarchitectures and their reliance on closed-source IP represents a tremendous barrier to researching and resolving side channel exploits. It’s even harder to know how to design strategies for effective long-term mitigation in future products.
They write:
Computer systems have become massively complex in pursuit of the seemingly number-one goal of performance. We’ve been extraordinarily successful at making them faster and more powerful, but also more complicated, facilitated by our many ways of creating abstractions. The tower of abstractions has allowed us to gain confidence in our designs through separate reasoning and verification, separating hardware from software, and introducing security boundaries. But we see again that our abstractions leak, side-channels exist outside of our models, and now, down deep in the hardware where we were not supposed to see, there are vulnerabilities in the very chips we deployed the world over. Our models, our mental models, are wrong; we have been trading security for performance and complexity all along and didn’t know it.
The degree to which we did or didn’t “know” about these things seems to be a matter of interpretation. Certainly, the idea that speculative execution could represent a security threat has been conceptually known for decades. The increase in CPU transistor count with every product generation has generally been hailed as a good thing, even as it’s become harder to cool those transistors or run them at high clock speeds.
To date, exploits targeting Spectre and Meltdown haven’t been seen in the wild. This seems like a case of “when,” rather than “if,” however, and the CPU industry players don’t want to be seen as ignoring these problems. At the same time, it’s not clear if they can ever be resolved without jettisoning speculative execution and the tremendous performance benefits it delivers.