The IT industry is in an uproar for one basic reason: millions of computers and servers are now shown to be vulnerable. This article will go over the vulnerabilities recently made public, what they mean for you, and what to expect in the coming months.
What Are Meltdown and Spectre?
“Meltdown” and “Spectre” are the given names for the data security issues unearthed by researchers. These issues affect all modern processors and therefore nearly every computing device, though they especially pose a threat to data centers and multi-user networks.
How do the Meltdown and Spectre vulnerabilities work?
Meltdown breaks one of the most fundamental aspects of security in any computer: isolation.
In layman’s terms, every modern operating system makes sure that applications can’t read each other’s memory. It also prevents user apps from writing to or reading kernel memory. This feature is one of the foundations of security in computing.
On modern processors, this isolation between the kernel and user processes is enforced by a supervisor bit in the processor that says whether a memory page in the kernel is accessible or not.
The supervisor bit is only supposed to be set when entering kernel code, that is, code in the most sensitive part of the computer. When the processor switches back to user processes, the bit is supposed to be cleared.
Because of this feature, the OS can map the kernel into the address space of every process, and make transitions from user processes to the kernel very smoothly, and in theory without any funny business occurring.
Meltdown provides a method to overcome this barrier. It allows any user process to read all of the kernel memory for the machine that it’s running on; this includes all memory mapped inside the kernel area.
Because this flaw works through a hardware defect, and doesn’t rely on any software to function, this exploit can be used on any operating system.
Thankfully, patches have been released for the Meltdown vulnerability, though software fixes will cause a decrease in system performance. KAISER is the primary one for Linux, and Windows is getting its own set of patches, though there are conflicts with certain third-party antivirus products.
Spectre attacks, on the other hand, “involve inducing a victim to speculatively perform operations that would not occur during correct program execution and which leak the victim’s confidential information via a side channel to the adversary.”
In simpler terms, Spectre abuses a feature of modern processors called “speculative execution.” Speculative execution is a process that allows for faster speeds. Here’s how it works:
When the processor hits a snag, like waiting to retrieve a value from memory, it tries to “guess” the next execution path in the meantime, or essentially what it’s going to do next.
Before it does this, it saves a checkpoint of where it was before it went to execute its guess.
In this example, once the processor is done waiting to retrieve the value, it can check if its “guess” was correct.
If the guess was incorrect, it reverts everything back to its “checkpoint.”
If the guess was correct, then the work it did along that path is committed, and the processor has saved itself a significant amount of time.
In the past, since the processor is set to revert from any incorrect guesses, the general consensus was that it wouldn’t be a security problem.
However, the Spectre flaw exploits the processor in the time it’s doing speculative execution, or “guessing” its future execution paths.
Essentially, the hacker tricks the processor into guessing that it wants to leak sensitive data. The hacker can then retrieve this data before the processor realizes its guess was incorrect and reverts back to the checkpoint.
Spectre is harder to exploit than Meltdown, but it is difficult to patch.
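A practical check for the patch status discussed above, as an added example that is not part of the original article: Linux kernels that carry these fixes report per-issue status under /sys/devices/system/cpu/vulnerabilities, where the KAISER work shows up as "PTI". The sample file contents and the function names are constructed for illustration.

```python
"""Audit the CPU vulnerability status reported by the Linux kernel."""
import tempfile
from pathlib import Path

SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
# The sysfs entries that cover the issues in this article.
ENTRIES = ("meltdown", "spectre_v1", "spectre_v2")


def classify(status):
    """Map a kernel status line to 'ok', 'vulnerable' or 'unknown'."""
    text = status.strip().lower()
    # Checked first: a mitigation line can still flag a gap,
    # e.g. "Mitigation: ...; SMT vulnerable".
    if "vulnerable" in text:
        return "vulnerable"
    if text == "not affected" or text.startswith("mitigation:"):
        return "ok"
    return "unknown"


def audit(sysfs_dir=SYSFS_DIR):
    """Return {entry: (verdict, raw status line)} for each entry."""
    results = {}
    for name in ENTRIES:
        try:
            raw = (Path(sysfs_dir) / name).read_text().strip()
        except OSError:
            raw = ""  # file absent: this kernel does not report the issue
        results[name] = (classify(raw), raw or "(not reported)")
    return results


def demo():
    """Run the audit on constructed sample files, not the live host."""
    samples = {
        "meltdown": "Mitigation: PTI\n",
        "spectre_v1": "Vulnerable\n",
        # spectre_v2 is left out to show the "not reported" case
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, content in samples.items():
            (Path(tmp) / name).write_text(content)
        return audit(tmp)


if __name__ == "__main__":
    for name, (verdict, raw) in demo().items():
        print(f"{name:12} {verdict:11} {raw}")
```

On a real Linux host, call `audit()` with no argument to read the live status; an "unknown" verdict for a missing file usually means the kernel predates this reporting and should be treated as unpatched until shown otherwise.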
What do Meltdown and Spectre mean for Data Centers?
Large networks and data center environments are uniquely vulnerable to cyber attacks as a result of these bugs.
One reason is that the vulnerabilities could allow a hacker to break out of one user’s process to hijack other processes and users on the same shared server. This means that instead of just one user being at risk, one attack could expose every user on the network at once. With many of those users having access to millions of confidential records, the flaw is potentially catastrophic for many of the largest hosting companies, cloud companies, and other data centers.
What do Meltdown and Spectre mean for the Processor Market?
One important thing to note is that while Spectre exploit attacks are universal to CPUs in general, Intel CPUs are significantly more vulnerable to the Meltdown exploit. This will inevitably cause a shift in the market towards AMD processors over Intel processors. It’s a safe bet that more security-conscious companies will try to sell CPUs off in quantity and replace their equipment with more secure versions.
Intel has lost billions in stock, while AMD’s stock has climbed significantly since the news broke. Data centers and corporations in general will look to reinforce and diversify their chip architecture by bringing more AMD chips into their server environments. Look for the value of AMD CPUs on the market to climb and the value of Intel CPUs to fall.