It’s been almost two years since the Spectre and Meltdown vulnerabilities affecting Intel processors and some other chips were revealed. Since then Intel has released a number of security patches meant to mitigate the effect of those vulnerabilities and the chip maker says its latest processors include hardware-based mitigations.

But similar vulnerabilities keep popping up, and there’s mounting evidence that the issue isn’t going to be easy to fix without completely redesigning the way modern processors work.

This week security researchers revealed a set of previously undisclosed vulnerabilities affecting Intel chips — and also pointed out that some of Intel’s previous “fixes” didn’t address all known issues at the time.

The researchers say that when Intel released a set of mitigations in May, 2019 to address the RIDL vulnerability, the update was only a partial fix. Computers with the latest security updates were still vulnerable to certain types of known vulnerabilities which could allow an attacker to access protected data.

Intel had asked the team to hold off on disclosing the vulnerability until security patches were available — but after finding that Intel continued to claim that its latest updates were adequate, this week the researchers decided to call out Intel for over-promising the effectiveness of its security updates.

At issue are side-channel attacks that take advantage of a chip feature called speculative execution. In a nutshell, many modern processors make an educated guess about some of the things they’re going to need to do, and do them ahead of time… even before you explicitly ask them to do that work. Side-channel attacks allow data that’s being processed or stored in this way to be accessed.

One solution is to simply disable speculative execution altogether. But that would have a dramatic impact on performance in some situations — effectively erasing years of progress in making computer processors work more quickly.

So rather than address the root causes, Intel has been working on patches to address specific side-channel vulnerabilities as they’re discovered/disclosed. If that seems like an uphill battle, that’s because it is… and there’s always the chance that some black hat hackers will discover a vulnerability that Intel isn’t aware of and exploit it before a patch can be made available.

So maybe insecurity is the new normal.

via NYT, Wired, and Hacker News 

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign

or...

Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

6 replies on “Intel insecurity update: new vulnerabilities disclosed… and likely to keep popping up”

  1. Some discussion of how this affects the 10th generation processors would be nice.

  2. Maybe Intel and AMD need to slow down the pace of new chip development since it is apparent that security is not priority one. I am not going to pretend to understand CPU development but I do understand design from a mechanical standpoint, and my first rule is “if ain’t broke don’t fix it. if it is broke then get rid of it”.

    1. These have nothing to do with AMD CPUs. This is all on Intel, and only affects them.

    2. I hate to defend them, but having studied CPU design and speculative execution in particular, well, at the very least, it’s not that simple. As Brad said, getting rid of speculative execution would be “effectively erasing years of progress in making computer processors work more quickly.”

      In broad strokes, modern CPUs are assembly lines for executing code. That means when there’s a branch where two different things can happen (e.g. showing an account if a user is logged in, and an error page otherwise), the current approach is to “guess” which path to take and start working on it. If the guess gets halfway through the assembly line when it turns out the guess was right, we just continue right along and are that many clock cycles ahead. But that means wrong guesses can partially execute incorrect instructions. Usually, that work is just thrown out, but in the case of some of these bugs they have accidental side effects.

      This is a pretty fundamental function of processing in modern designs, and really, these CPUs were originally not meant to make security priority one. That may never be the case. There is a lot of academic writing about how to build the perfectly secure system, but it’s not really realistic. Most companies won’t even make it the highest priority because they got stuck in a contest of speeds. Giving that up for them would be giving up the investment of the last few decades.

Comments are closed.