Modern CPUs Likely Permanently Haunted by Spectre Security Flaws
Ever since the Spectre and Meltdown series of security flaws were disclosed, there have been questions about just how secure the modern CPUs we use can be. At the same time, the difference in which companies were exposed to which specific attacks created confusion about just how to weigh the evidence. Or, to put it bluntly — was Spectre really only a problem for Intel, with incidental exposure for other companies?
A group of Google researchers has an answer to this question, and it’s not one people are going to like. We quote:
Vulnerabilities from speculative execution are not processor bugs but are more properly considered fundamental design flaws, since they do not arise from errata. Troublingly, these fundamental design flaws were overlooked by top minds for decades. Our paper shows these leaks are not only design flaws, but are in fact foundational, at the very base of theoretical computation.
The research teams evaluated multiple ideas, including disabling speculative execution to the maximum degree possible via use of the LFENCE instruction, using timer mitigation strategies (adjusting the precision of various system timers), and the use of branchless masking, rather than relying on branch instructions to enforce what untrusted code is allowed to do. None of these solutions presents a complete fix to the problem. None of them could be counted on to provide security against all types of side-channel attacks, and even a combination of software and hardware best practices wasn’t able to guard against every type of exploit.
No Easy Fixes, No Quick Solutions
According to the researchers, the black-box state of microarchitectures and their reliance on closed-source IP represents a tremendous barrier to researching and resolving side channel exploits. It’s even harder to know how to design strategies for effective long-term mitigation in future products.
They write:
Computer systems have become massively complex in pursuit of the seemingly number-one goal of performance. We’ve been extraordinarily successful at making them faster and more powerful, but also more complicated, facilitated by our many ways of creating abstractions. The tower of abstractions has allowed us to gain confidence in our designs through separate reasoning and verification, separating hardware from software, and introducing security boundaries. But we see again that our abstractions leak, side-channels exist outside of our models, and now, down deep in the hardware where we were not supposed to see, there are vulnerabilities in the very chips we deployed the world over. Our models, our mental models, are wrong; we have been trading security for performance and complexity all along and didn’t know it.
The degree to which we did or didn’t “know” about these things seems to be a matter of interpretation. Certainly, the idea that speculative execution could represent a security threat has been conceptually known for decades. The increase in CPU transistor count with every product generation has generally been hailed as a good thing, even as it’s become harder to cool those transistors or run them at high clock speeds.
To-date, exploits targeting Spectre and Meltdown haven’t been seen in the wild. This seems like a case of “when,” rather than “if,” however — and the CPU industry players don’t want to be seen as ignoring these problems. At the same time, it’s not clear if they can ever be resolved without jettisoning speculative execution, and the tremendous performance benefits it delivers.
Continue reading
Job Ads for AI Could Soon Look Like This. Are You Ready?
Our recent past has shown us that we can develop the type of machines that would soon open up a whole new field of lucrative and fulfilling work.
Microsoft: Pluton Chip Will Bring Xbox-Like Security to Windows PCs
Intel, AMD, and Qualcomm are working to make Pluton part of their upcoming designs, which should make PCs more difficult to hack, but it also bakes Microsoft technology into your hardware.
Interstellar Visitor May Be a Fragment of a Pluto-Like Planet
Two astronomers from Arizona State University have published a paper that claims 'Oumuamua is neither an asteroid nor a comet, but rather a pancake-shaped piece of a Pluto-like world.
AMD Discloses a Spectre-Like Vulnerability in Zen 3 CPUs
AMD has disclosed a potential security vulnerability on its Zen 3 CPUs with similarities to the Spectre attack from several years ago, but the company believes the risk is minimal.