About Adam K Levin | Contact | Videos

The Meltdown and Spectre Vulnerability is Serious (Sorta)Data Security


The Meltdown and Spectre vulnerabilities that were revealed after the New Year have been the talk of the cybercommunity, and for good reason. The problem, if exploited, would be capable of breaking down basic security partitions by targeting a design feature in chips manufactured by Intel, AMD and ARM.

First, don’t panic. The vulnerability may have existed for 20 years. Researchers have (so far) found no example of it being used. However, now that the information is “out in the wild,” hackers have been alerted. Reactions to this news have ranged from ARM and AMD’s downplaying the danger to their chipsets to CERT’s recommendation to ‘replacing CPU hardware,’ so the story is very much unfolding.

Spectre and Speculative Execution

One of the many processes that happens deep within the universe of a personal computer is managing highly secure, privileged memory and non-privileged, untrusted processes, at the machine’s central processing unit, or CPU. This is the deepest level of a computer.

An important thing that happens at this level is something akin to guesswork. It’s actually called “speculative execution,” a process that helps speed things along by “guessing” what processes will be needed before they are called into action.

The speculative execution, which is the theoretical basis of the Spectre Vulnerability,  happens at the CPU level is the digital cousin of messenger RNA in a cell—and it is supposed to happen in a protected place on a computer’s hardware, but there are moments where information is exposed, including passwords and other credentials, encryption keys and sensitive data on a machine.

How is it Different from Meltdown?

Meltdown, limited to Intel Chips, operates in a similar manner via “out-of-order execution,” which in plain English allows hacker to access parts of a computer’s memory. While this has the potential to open up access to key strokes, passwords, and other valuable personal information, perhaps the larger concern is on cloud-based platforms such as Amazon Web Services and other shared hosting services. Exploiting the Meltdown vulnerability would mean that a hacker would theoretically be able to access any of the information residing on the shared resources of a server.

Patches are now available, but questions remain regarding their efficacy, and in many instances they have already been shown to slow down machines—between 2 (more likely) and 30 percent—mainly because they were not designed to have a programmed work-around at such a deep level—the kernel level that is responsible for making a computer start-up and initiate the rest of its operating system.

Read more here.