Back in January 2018, researchers published a set of vulnerabilities related to the way modern CPUs perform a function known as speculative execution. Spectre and Meltdown were considered serious because Spectre represented a whole new class of attacks, not a single isolated attack vector. For much of 2018, the "story" around Intel revolved around its response to these attacks.
Almost a year and a half later, researchers are still searching for similar classes of issues. Multiple new vulnerabilities have broken cover, and they go by various names like ZombieLoad, RIDL, and Fallout (as named by the researchers). Collectively, Intel summarizes them as MDS – Microarchitectural Data Sampling. RIDL, for Rogue In-flight Data Load, was discovered by researchers at VU University Amsterdam and Helmholtz Center for Information Security. Fallout was found by a group at the Graz University of Technology, KU Leuven, the University of Michigan, and Worcester Polytechnic Institute. ZombieLoad was discovered by Graz, Worcester, and KU Leuven.
As a refresher: All of these flaws, including Spectre and Meltdown, are related to how either CPUs in general or Intel CPUs specifically perform speculative execution. In the case of RIDL, ZombieLoad, Fallout, and MDS more generally, the flaws highlighted appear to be specific to Intel CPUs. These problems arise because there are differences between a CPU's architecture (how the CPU is documented to work on paper) and its microarchitecture (how the CPU actually performs operations "under the hood"). Speculative execution is exactly what it sounds like: The CPU speculates about what operations will need to be performed next, and then performs them in order to have the results ready if they are needed, rather than performing these operations only once it is known that they are necessary.
As a matter of architecture, all operations are performed in sequence and the only data retained by the CPU is the data it needs to perform operations. But it's possible to snoop on the microarchitecture to look for subtle clues as to where data is stored on-chip, based on timing differences in how long it takes to access information. Measuring these differences can allow attackers to infer the data values stored in cache or in on-chip buffers. Previous Spectre-class flaws have focused on caching, but the new MDS flaws leak data from buffers – tiny data stores that are used to move data internally.
How Serious Are These Attacks?
There has been a bit of controversy over just how serious these new attacks are, and I can honestly say I'm a bit unhappy with how this news has been published. Some of you may remember last year, when a supposed security research firm, CTS-Labs, appeared to be collaborating with a short seller firm in an attempt to attack AMD's stock price by publishing a set of supposedly critical security flaws that the disclosure literally implied could put lives at risk. Absolutely nothing came of these flaws, which the short seller, Viceroy Research, also literally predicted could reduce the value of AMD's stock to zero. As we discussed at the time, contaminating security disclosures with hyperbolic marketing claims to paint the issues as worse than they actually are is an emphatically bad idea, regardless of who is being targeted or for what reason.
The situation with Intel is not nearly this bad, but it shows some of the same troubling trends I discussed last year. The researchers chose to publish their efforts at a website named "CPU.fail", with scary-looking graphics and a FAQ that looks designed more to frighten than inform. When asked whether the issues have been abused in the wild, for example, they simply state: "We don't know." But the question of how serious these flaws are in practice is a genuine one.
Thus far, no attacks have been spotted in the wild, beyond proofs of concept submitted by researchers. Similarly, taking advantage of MDS is trickier than this website implies. Attackers cannot directly control what they are targeting, for example, which means the exploit may leak only old, stale data of no interest. CPUs have already shipped out to customers. First-generation and following Coffee Lake and Whiskey Lake CPUs are already immune to this attack. The impact on performance from the fix is estimated to be 3 percent.
Intel's official statement says:
Microarchitectural Data Sampling (MDS) is already addressed at the hardware level in many of our recent 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable Processor Family. For other affected products, mitigation is available through microcode updates, coupled with corresponding updates to operating system and hypervisor software that are available starting today. We provided more information on our website and continue to encourage everyone to keep their systems up to date, as it's one of the best ways to stay protected. We'd like to extend our thanks to the researchers who worked with us and our industry partners for their contributions to the coordinated disclosure of these issues.
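One way to check whether the microcode and operating system updates described in the statement above have taken effect on a Linux host. This is an added example, not part of the original article or Intel's statement. It assumes the kernel's `/sys/devices/system/cpu/vulnerabilities/mds` file and the status strings from the kernel's MDS documentation; the function names are hypothetical and the sample lines are constructed.

```python
from pathlib import Path

# Assumption: Linux kernels carrying the MDS patches expose the status here.
MDS_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/mds")

def parse_mds_status(line):
    """Split one status line into buffer-clearing state and SMT state."""
    head, _, smt = line.strip().partition(";")
    head, smt = head.strip(), smt.strip()
    if head == "Not affected":
        state = "not_affected"            # CPU is fixed in hardware
    elif head == "Mitigation: Clear CPU buffers":
        state = "mitigated"               # microcode and kernel both in place
    elif head.startswith("Vulnerable: Clear CPU buffers attempted"):
        state = "os_only_no_microcode"    # kernel patched, microcode missing
    elif head == "Vulnerable":
        state = "vulnerable"              # no mitigation enabled
    else:
        state = "unknown"
    # SMT (Hyper-Threading) part, e.g. "SMT vulnerable" or "SMT disabled"
    smt_state = smt[4:].lower() if smt.startswith("SMT ") else None
    return {"state": state, "smt": smt_state}

def needs_action(status):
    """Return the follow-ups an administrator should consider."""
    actions = []
    if status["state"] == "vulnerable":
        actions.append("enable mitigation: update kernel and microcode")
    elif status["state"] == "os_only_no_microcode":
        actions.append("update microcode")
    elif status["state"] == "unknown":
        actions.append("inspect manually")
    if status["smt"] == "vulnerable":
        # Buffers are not cleared between sibling threads of one core.
        actions.append("review SMT exposure for untrusted workloads")
    return actions

def check_host(path=MDS_SYSFS):
    """Evaluate the running host; an absent file means an unpatched kernel."""
    if not path.exists():
        return ["kernel does not report MDS status: update kernel"]
    return needs_action(parse_mds_status(path.read_text()))

if __name__ == "__main__":
    # Constructed sample lines in the documented format.
    for sample in ("Mitigation: Clear CPU buffers; SMT vulnerable",
                   "Vulnerable: Clear CPU buffers attempted, no microcode; SMT disabled",
                   "Not affected"):
        print(sample, "->", needs_action(parse_mds_status(sample)))
    print("this host ->", check_host())
```
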
Thus, the tone of the coverage on this issue has varied widely. Wired takes an alarmist tone, arguing that these flaws "allow attackers to eavesdrop on virtually every bit of raw data that a victim's processor touches" and arguing that the researchers are accurate that these flaws are quite severe. Intel argues that they are of medium to low severity, given the difficulty of pulling them off, the lack of in-the-wild practical attacks, and the fact that both microcode updates and hardware-fixed CPUs are already in-market. As PCMag notes:
[T]he microarchitectural data sampling vulnerabilities reported today appear to be more academic at this stage. For now, no real-world attacks involving the chip flaws have been encountered and made public. Why? It is because hackers can use traditional malware to steal data from your PC rather than tamper with the Intel processor.
The fact that not everyone updates their hardware or software is a demonstration of how imperfect these solutions are, but that is something we have been dealing with in PC security for as long as we have had PCs.
Part of the difficulty in deciding how serious a flaw might be is figuring out which experts to listen to. Last year, for example, Theo de Raadt decided to change the default behavior of FreeBSD by disabling Hyper-Threading, viewing it as a fundamental security risk. Other OS vendors have not gone so far as to preemptively disable the feature. Is Hyper-Threading a potential security risk? Yes. Is it a potential security risk that is severe enough that existing users should disable the feature? Experts literally disagree. The honest answer is "It depends," not because anyone wants to be wishy-washy, but because the right security practices in any given situation depend on one's threat exposure and the cost of enabling the fixes in question.
How seriously should you take these threats? Seriously enough to patch. But the real-world practical implications are still unknown. To date, we have not seen a Spectre or Meltdown attack in the wild that poses a threat to Intel CPUs (or anyone else's CPUs) of any generation. That does not mean one can't happen, and it does not absolve Intel of the responsibility to secure its products. But it also does not mean that invisible hackers are rifling through your pockets right now through hardware attacks you're not aware of. Not every security vulnerability becomes a practically exploited avenue of attack. So far, these attacks have not