Mainstream the least Intel, AMD and ARM Chips.
Medias are talking about the Spectre and Meltdown flaw everywhere. But do they
really know what it is and how it could affect their daily lives?
So what is Spectre
and Meltdown in detail?
They are vulnerabilities
which affect CPUs made by Intel, AMD and ARM. Meltdown was discovered in 2017
and disclosed at the 3rd January 2018 by two companies, Cerberus
Security and Google Project Zero as well as the Technical University of Graz.
Spectre has been identified by Google Project Zero and the independent researcher
Paul Kosher. Both vulnerabilities affecting Windows, Linux, MacOS operating
systems and all devices like mobile phones, laptops, Desktops and Servers. There
are two variants of Spectre and one variant of Meltdown. Meltdown is affecting nearly
every modern Intel Chip and the two Spectre variants are affecting the least
Intel, AMD and ARM Chips. Meltdown and the two types of the Spectre attacks are
taking advantage of a process within the CPUs which is speed up processing of
any given code without a performance loss whilst guessing which the next
process will be. Every time this process will be executed a small change to the
processor is made. Unfortunately, this change can also be measured by other
programs which means that the information can be leaked to malicious programs,
is leaking the information within the kernel memory. Modern operating systems using
page tables to map kernel memory or processes and physical memory of the system
and split it into two parts, one for processes and one for the kernel. Since
the kernel memory is shared for all processes, Meltdown takes advantage of this
shared memory, finding leaks in the data and forward them to a third party. Spectre
could be exploited in a CPU to make it mispredict and execute vulnerable code
instead of the predictive code. With the second version of Spectre an attacker
could trick the CPU into making the wrong speculative accesses outside its
boundaries, driving the CPU away from a normal prediction to the one that the
attacker wants. Both Spectre vulnerabilities could allow an attacker to gain
access to data on the Chips, that is meaning in detail that encryption key,
passwords and other sensitive information could be exfiltrated. Every time when
the CPU guesses what information is needed to continue its process, the
attacker could see the data. Spectre allows an attacker to start the guessing
process, by measuring how long it takes to perform this task, then the process can
be detected by a third-party process. This could lead to buffer overflows attacks
for example. Bad news for all admins, Spectre affects also virtualized
machines. For the exploitation of Meltdown,
a lower skillset is needed as for Spectre. It enables a third-party process to
read the data from the kernel and allows the attacker to view the data. These
Attacks are so called “Side-Channel-Attacks” and accessing data while it is
used for legitimate process. The vulnerability leads not to a specific vendor
like often told in the news but lays in the design of the Chips itself. Amazing,
we can call most of our processors vulnerable by design!
does all that have an impact on the crypto world?