Back in January 2018, researchers disclosed a set of vulnerabilities related to the way modern CPUs perform a function known as speculative execution. Spectre and Meltdown were considered serious in part because Spectre represented an entire new class of attacks, not a single isolated attack vector. For much of 2018, the “story” around Intel revolved around its response to these attacks.
Almost a year and a half later, researchers are still searching for similar classes of issues. Multiple new vulnerabilities have broken cover, and they go by various names such as ZombieLoad, RIDL, and Fallout (as named by the researchers). Collectively, Intel summarizes them as MDS — Microarchitectural Data Sampling. RIDL, for Rogue In-flight Data Load, was discovered by researchers at Vrije Universiteit Amsterdam and Helmholtz Center for Information Security. Fallout was found by a group at the Graz University of Technology, KU Leuven, the University of Michigan, and Worcester Polytechnic Institute. ZombieLoad was discovered by Graz, Worcester, and KU Leven.
As a matter of architecture, all operations are performed in sequence and the only data retained by the CPU is the data it needs to perform operations. But it’s possible to snoop on the microarchitecture to look for subtle clues as to where data is being stored on-chip, based on timing differences in how long it takes to access information. Measuring those differences can allow attackers to infer the data values stored in cache or in on-chip buffers. Previous Spectre-class flaws have typically focused on leaking data from cache, but the new MDS flaws leak data from buffers — tiny data stores that the chip uses to move data internally.
How Serious Are These Attacks?
There has been a bit of controversy over just how serious these new attacks are, and I’ll honestly say I’m a bit unhappy with how some of this news has been publicized. Some of you may remember last year, when a supposed security research firm, CTS-Labs, appeared to be collaborating with a short seller firm in a blatant attempt to attack AMD’s stock price by publicizing a set of supposedly critical security flaws that the disclosure literally implied could put lives at risk. Absolutely nothing came of these flaws, which the short seller, Viceroy Research, also literally predicted could reduce the value of AMD’s stock to zero. As we discussed at the time, contaminating security disclosures with hyperbolic marketing claims to paint the issues as far worse than they actually were is an emphatically bad idea, regardless of who is being targeted or for what reason.
The situation with Intel is not nearly this bad, but it shows some of the same troubling trends I discussed last year. The researchers chose to publicize their efforts at a website named “CPU.fail“, with scary looking graphics and an FAQ that seems designed more to frighten than inform. When asked if the issues they highlight have been abused in the wild, for example, they simply state: “We don’t know.” But the question of how serious flaws these flaws are in practice is a genuine one.
Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers. Similarly, taking advantage of MDS is trickier than this website implies. Attackers can’t directly control what’s in the buffers they target, for example, which means the exploit may leak old, stale data of no interest. Microcode updates for systems with Sandy Lake through Kaby Lake CPUs have already shipped out to customers. First-generation-and-following Coffee Lake and Whiskey Lake CPUs are immune to this attack already. The impact on performance from the fix is estimated to be ~3 percent.
Intel’s official statement says:
Microarchitectural Data Sampling (MDS) is already addressed at the hardware level in many of our recent 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable Processor Family. For other affected products, mitigation is available through microcode updates, coupled with corresponding updates to operating system and hypervisor software that are available starting today. We’ve provided more information on our website and continue to encourage everyone to keep their systems up to date, as it’s one of the best ways to stay protected. We’d like to extend our thanks to the researchers who worked with us and our industry partners for their contributions to the coordinated disclosure of these issues.
Thus far, the tone of the coverage on this issue has varied widely. Wired takes an alarmist tone, arguing that these flaws “allow attackers to eavesdrop on virtually every bit of raw data that a victim’s processor touches” and arguing that the researchers are accurate that these flaws are quite severe. Intel argues that they are of medium to low severity, given the difficulty of pulling them off, the lack of in-the-wild practical attacks, and the fact that both microcode updates and hardware-fixed CPUs are already in-market. As PCMag notes:
[T]he microarchitectural data sampling vulnerabilities disclosed today appear to be more academic at this stage. For now, no real-world attacks involving the chip flaws have ever been encountered and made public. A big reason why is probably because hackers can simply use traditional malware to steal data from your PC rather than resort to tampering with the Intel processor.
The fact that not everyone updates their OS or hardware is a demonstration of how imperfect these solutions are, but these are issues we’ve been dealing with in PC security for as long as we’ve had PCs. Part of the difficulty in deciding how serious a flaw might be is figuring out which experts to listen to. Last year, for example, Theo de Raadt decided to change the default behavior of FreeBSD by disabling Hyper-Threading, viewing it as a fundamental security risk. Other OS vendors have not gone so far as to preemptively disable the feature. Is Hyper-Threading a potential security risk? Yes. Is it a potential security risk that’s severe enough that existing users should disable the feature? Experts literally disagree. The honest answer is: “It depends,” not because anyone wants to be wishy-washy, but because the proper security practices in any given situation depend on one’s threat exposure and the cost of enabling the fixes in question.
How seriously should you take these threats? Seriously enough to patch up, certainly. But past that, the real-world practical implications are still unknown. To date, we have not seen a Spectre or Meltdown attack in the wild that posed a threat to Intel CPUs (or anyone else’s CPUs) of any generation. That does not mean one cannot happen, and it doesn’t absolve Intel of the responsibility to secure its products. But it also doesn’t mean invisible hackers are rifling through your pockets right now via hardware attacks you aren’t aware of. Not every security vulnerability becomes a practically exploited avenue of attack. So far, these attacks have not.
What is Speculative Execution?
Speculative execution has been in the news of late, typically when discussing the Meltdown and Spectre bugs. We explain the topic.
New Speculative Execution Security Flaw Cracks Intel’s Software Guard Extensions
A new attack vector against Intel CPUs has been discovered — based, once again, on speculative execution.
What Is Speculative Execution?
Speculative execution has been in the news of late, typically when discussing the Meltdown and Spectre flaws. We explain the topic.
Intel Proposes New Type of Memory to Fix Speculative Execution Flaws
Intel has a proposal for a new type of memory that could solve many of the speculative execution issues that have bedeviled the semiconductor industry in general (and itself in particular) since January 2018.