The root of the vulnerability problem inherent in Intel CPU is deeply pointed out that "All processors have problems that can not achieve both safety and high speed"
It is reported that confidential information may be stolen by design defects of Intel processors, updating with countermeasure software is necessary and performance can not be avoided downBig problemHas become. There are two major types of vulnerabilities that are thought to be intrinsic to the Intel processors, one of which has been shown to be affected by processors such as AMD and ARM.
Critical "Meltdown" and "Specter" Flaws Breaks Basic Security for Intel, AMD, ARM Computers | WIRED
Researchers Discover Two Major Flaws in the World's Computers - The New York Times
◆ Meltdown and Specter
There are two types of vulnerabilities inherent in the CPU which has become a big fuss since the beginning of 2018, and they are named "Meltdown" and "Specter", respectively. Meltdown is a vulnerability unique to Intel CPUs, and it is pointed out that Spector is inherent in all processors such as Intel, AMD, and ARM.
Meltdown allows malicious programs to access areas where higher privileges in memory are required. This is based on "speculative execution (Intel)Speculative execution) Technology is considered to be the cause. In speculative execution, the algorithm speeds up processing by branching instruction processing according to input data, and performing processing in advance based on logical "prediction". If the prediction is correct, the process is continued as it is. If the prediction is incorrect, the process is interrupted and the process returns to the branch point and the process is reexecuted. However, according to security expert Eric Bosman, the Intel processor does not isolate the process in speculative execution, it does not distinguish between data of low privilege and high privilege in kernel memory . This makes it possible for malicious programs to access kernel memory with unprivileged code in speculative execution.
Since the data is discarded when the processor stops speculative execution and returns to the branch point of the instruction, it is usually difficult to obtain privileged data, but in the cache memory for accessing the most recent data faster Data is temporarily stored. The malicious code can watch the instruction of the processor and judge from the response speed whether the requested data exists in the cache or not. As described above, malicious programs steal confidential information such as passwords and personal information by reading a cache memory that should have been inaccessible by misusing a series of speculative execution processing performed by Intel CPU is.
Intel's processor chip found a fundamental design flaw, the necessity of updating to each OS - GIGAZINE
This meltdown is specific to cloud computing services like Google, Amazon and Microsoft. In the cloud computing service, there are few cases where a single server is provided for clients, and multiple clients share a server. Although access to information of other clients in the same server is separated by dedicated security tools and protocols, the vulnerability of the CPU driving the server may be able to circumvent these security mechanisms.
For Linux with about 30% share as a server OS, patches for avoiding meltdown have already been released, but it is reported that performance is reduced by 5 to 30% by applying patches, and software It is pointed out that the performance of patched machines like developers Andrés Friend falls by 20 to 30%. On the other hand, as speculative memory reference in speculative execution is not permitted, if Linux patch is applied to AMD CPU which is not affected by meltdown, performance will be degraded, so call attention to not make it effective AMD engineer Tom Lendacky is doing.
LKML: tip-bot for Tom Lendacky: [tip: x86 / pti] x86 / cpu, x86 / pti: Do not enable PTI on AMD processors
In server CPUs affected by meltdown, Intel boasts a share of over 90%, but if the meltdown problem does not affect AMD's CPU due to Intel's CPU-specific problem as reported, AMD's"EPYC" seriesIt is pointed out that Intel may be hit hard in the CPU market for servers with high profit margin as it may be disadvantageous in performance competition with.
For another vulnerability "Spector" there is not much information at the time of writing the article. However, Spector and Meltdown are common vulnerabilities in basic principles. On the other hand, Spector is a vulnerability related not only to Intel, but to chips in general, such as AMD and ARM, while meltdown is a problem for server CPU, but smartphones that use not only PC but also ARM-based CPU It can be said that it can be said to be a vulnerability that may affect a wider terminal.
Paul Caucha of Cryptography Research says that Spector is a structural problem inherent in the processor for 20 years and effectively affects all microprocessors in fact. "There has been a desire for the processor as fast and safe as possible in the industry, but Spector shows that it is impossible to balance this," said Mr. Kohcha, We point out the structural shortcomings that it is vulnerable to security problems by putting emphasis on speeding up.
◆ Google's response
Google's security department Project Zero grasps the serious security vulnerability caused by the speculative execution this time in 2017 and informs chip vendors such as Intel and notifies the affected server He said he was working on measures against the Google service driven by. Originally the vulnerability problem has already been widely known about the security update that was planned to be released on January 9, 2018, and we are taking the information disclosure ahead of schedule.
Google Online Security Blog: Today's CPU vulnerability: what you need to know know
The services and measures that can be affected are as follows. In addition, it is said that the operation of the user is unnecessary for the Google service which is not mentioned.
The latest security updateThe terminal to which it is applied is protected.
· "Google Apps / G Suite" (Gmail, Google Calendar, Google Drive, etc.)
Corrected. No additional action is required.
· "Google Chrome" "Google Chrome OS" "Google Cloud Platform"
Some operation by the user is necessary. Details can be confirmed on the following site.
Product Status - Google Help
· "Google Home" "Chromecast" "Google wifi" "OnHub"
No user intervention is required.
◆ Microsoft's response
According to The Verge, Microsoft will provide an urgent security update for the vulnerability inherent in this CPU against each Windows OS. Update will be done automatically on Windows 10.
Microsoft issues emergency Windows update for processor security bugs - The Verge
However, what is offered earlier is an update for Windows 10, OS such as Windows 7 and Windows 8.1 will be distributed through the next Windows Update.
According to information obtained from the sources by The Verge, it is expected that there will be no substantial decrease in performance on comparatively new Intel processors due to updates and firmware updates. However, there seems to be a possibility that the performance of the old Intel processor will be drastically reduced.
Also, Microsoft plans to introduce the latest firmware and software updates for cloud servers. In addition, at the time of article creation, it says that attacks that exploited the vulnerability were not confirmed.
Summary of each company's response to the vulnerability problem "Meltdown" "Spector" inherent in CPU - GIGAZINE