PostPosted: Thu Jan 04, 2018 2:30 am 
Joined: Wed Oct 08, 2008 5:35 am
Posts: 5642
Location: Sweden
So basically all modern computer processors have massive built in security flaws that can only be rectified by replacing the physical processors with redesigned ones. And they’ve just figured it out now.
Expect to see major security breaches shortly as the bad guys start to exploit this.

One example given elsewhere is that if an attacker rents space on a major cloud service such as Amazon or Google they can easily dump all the data from everyone else also renting space on the same server, via this processor flaw.

Quote:
“Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

Immediate concern is for Intel chips, but everyone is at risk.

by Peter Bright - Jan 4, 2018 1:30am CET

Windows, Linux, and macOS have all received security patches that significantly alter how the operating systems handle virtual memory in order to protect against a hitherto undisclosed flaw. This is more than a little notable; it's been clear that Microsoft and the Linux kernel developers have been informed of some non-public security issue and have been rushing to fix it. But nobody knew quite what the problem was, leading to lots of speculation and experimentation based on pre-releases of the patches.

Now we know what the flaw is. And it's not great news, because there are in fact two related families of flaws with similar impact, and only one of them has any easy fix.

The flaws have been named Meltdown and Spectre. Meltdown was independently discovered by three groups—researchers from the Technical University of Graz in Austria, German security firm Cerberus Security, and Google's Project Zero. Spectre was discovered independently by Project Zero and independent researcher Paul Kocher.

At their heart, both attacks take advantage of the fact that processors execute instructions speculatively. All modern processors perform speculative execution to a greater or lesser extent; they'll assume that, for example, a given condition will be true and execute instructions accordingly. If it later turns out that the condition was false, the speculatively executed instructions are discarded as if they had no effect.

However, while the discarded effects of this speculative execution don't alter the outcome of a program, they do make changes to the lowest level architectural features of the processors. For example, speculative execution can load data into cache even if it turns out that the data should never have been loaded in the first place. The presence of the data in the cache can then be detected, because accessing it will be a little bit quicker than if it weren't cached. Other data structures in the processor, such as the branch predictor, can also be probed and have their performance measured, which can similarly be used to reveal sensitive information.

Meltdown

The first problem, Meltdown, is the one that stimulated the flurry of operating system patches. It uses speculative execution to leak kernel data to regular user programs.


Our original coverage gave a high-level summary of how operating systems virtualize system memory, the use of page tables to map from virtual memory addresses to physical addresses, how processors cache those mappings, and how the kernel's page table mapping is shared between processes in order to maximize the value of this special cache.

While all modern processors, including those from Intel, AMD, and ARM, perform speculation around memory accesses, Intel's processors do so in a particularly aggressive way. Operating system memory has associated metadata that determines whether it can be accessed from user programs, or is restricted to access from the kernel (again: our original coverage has more detail about this point). Intel chips allow user programs to speculatively use kernel data and the access check (to see if the kernel memory is accessible to a user program) happens some time after the instruction starts executing. The speculative execution is properly blocked, but the impact that speculation has on the processor's cache can be measured. With careful timing, this can be used to infer the values stored in kernel memory.

The researchers say they haven't been able to perform the same kind of kernel memory-based speculation on AMD or ARM processors, though they hold out some hope that some way of using this speculation offensively will be developed. While AMD has stated specifically that its chips don't speculate around kernel addresses in this way, ARM has said that some of its designs may be vulnerable, and ARM employees have contributed patches to Linux to protect against Meltdown.

For systems with Intel chips, the impact is quite severe, as potentially any kernel memory can be read by user programs. It's this attack that the operating system patches are designed to fix. It works by removing the shared kernel mapping, an operating system design that has been a mainstay since the early 1990s due to the efficiency it provides. Without that shared mapping, there's no way for user programs to provoke the speculative reads of kernel memory, and hence no way to leak kernel information. But it comes at a cost: it makes every single call into the kernel a bit slower, because each switch to the kernel now requires the kernel page to be reloaded.

The impact of this change will vary wildly depending on workload. Applications that are heavily dependent on user programs and which don't call into the kernel often will see very little impact; games, for example, should see very little change. But applications that call into the operating system extensively, typically to perform disk or network operations, can see a much more substantial impact. In synthetic benchmarks that do nothing but make kernel calls, the difference can be substantial, dropping from five million kernel calls per second to two-to-three million.

Spectre

Owners of AMD and ARM systems shouldn't rest easy, though, and that's thanks to Spectre. Spectre is a more general attack, based on a wider range of speculative execution features. The paper describes using speculation around, for example, array bounds checks and branch instructions to leak information, with proof-of-concept attacks being successful on AMD, ARM, and Intel systems. Spectre attacks can be used both to leak information from the kernel to user programs and from virtualization hypervisors to guest systems.

Moreover, Spectre doesn't offer any straightforward solution. Speculation is essential to high performance processors, and while there may be limited ways to block certain kinds of speculative execution, general techniques that will defend against any information leakage due to speculative execution aren't known.

Sensitive pieces of code could be amended to include "serializing instructions"—instructions that force the processor to wait for all outstanding memory reads and writes to finish (and hence prevent any speculation based on those reads and writes)—that prevent most kinds of speculation from occurring. ARM has introduced just such an instruction in response to Spectre, and x86 processors from Intel and AMD already have several. But these instructions would have to be very carefully placed, with no easy way of identifying the correct placement.

In the immediate term, it looks like most systems will shortly have patches for Meltdown. At least for Linux and Windows, these patches allow end-users to opt out if they would prefer. The most vulnerable users are probably cloud service providers; Meltdown and Spectre can both in principle be used to further attacks against hypervisors, making it easier for malicious users to break out of their virtual machines.

For typical desktop users, the risk is arguably less significant. While both Meltdown and Spectre can have value in expanding the scope of an existing flaw, neither one is sufficient on its own to, for example, break out of a Web browser.

Longer term, we'd expect a future Intel architecture to offer some kind of a fix, either by avoiding speculation around this kind of problematic memory access, or making the memory access permission checks faster so that this time interval between reading kernel memory, and checking that the process has permission to read kernel memory, is eliminated.


Peter Bright / Peter is Technology Editor at Ars. He covers Microsoft, programming and software development, Web technology and browsers, and security. He is based in Brooklyn, NY.

_________________
The Night Watch - A Star Trek Story
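
An added example, not code from the Ars article, the Spectre paper or any post in this thread, to make the "speculation around array bounds checks" point concrete: the shape of the bounds-checked access that the Spectre paper calls variant 1, beside the two hardened forms the article alludes to (a serializing instruction, and index masking). The names array1, array2, secret and PROBE_STRIDE are assumed for illustration, array1 and secret are constructed data, and the code deliberately does not perform the cache-timing measurement, so it is not an exploit; it shows what the gadget looks like, that all three versions behave identically architecturally, and why the hardened forms deny the speculative out-of-range load.

```c
/* Added example (not from the article or the thread): Spectre variant 1
 * gadget shape and two hardened forms. Names are assumed; data is constructed. */
#include <stddef.h>
#include <stdint.h>
#include <limits.h>

#define ARRAY1_SIZE  16
#define PROBE_STRIDE 512   /* assumed: spread byte values over distinct cache lines */

static uint8_t array1[ARRAY1_SIZE] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
/* Constructed "secret": data the caller has no legitimate way to read. */
static const char secret[] = "constructed secret, not readable by the caller";
static uint8_t array2[256 * PROBE_STRIDE];

/* Fill one probe line per byte value so a victim's return value equals the byte
 * it loaded from array1. Returns the number of lines written (256). */
int init_probe_array(void) {
    int n = 0;
    for (unsigned v = 0; v < 256; v++, n++)
        array2[v * PROBE_STRIDE] = (uint8_t)v;
    return n;
}

/* The distance an attacker would pass as x to reach secret through array1. */
size_t attacker_index_for_secret(void) {
    return (size_t)((uintptr_t)secret - (uintptr_t)array1);
}

/* VULNERABLE: after the branch predictor is trained on in-range x, an
 * out-of-range x is still speculatively treated as in range. array1[x] (a byte
 * of secret) and then array2[byte * PROBE_STRIDE] are loaded before the compare
 * resolves. The result is squashed, but the array2 line stays cached. */
uint8_t victim_vulnerable(size_t x, size_t array1_size) {
    if (x < array1_size)
        return array2[array1[x] * PROBE_STRIDE];
    return 0;
}

/* Hardened form 1: a serializing instruction between compare and load, the
 * mitigation the article names. Only x86 lfence is provided here; on other
 * architectures this emits nothing and the masked form below should be used. */
static inline void speculation_barrier(void) {
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("lfence" ::: "memory");
#endif
}

uint8_t victim_serialized(size_t x, size_t array1_size) {
    if (x < array1_size) {
        speculation_barrier();   /* nothing past this point runs speculatively */
        return array2[array1[x] * PROBE_STRIDE];
    }
    return 0;
}

/* Hardened form 2: index masking, the arithmetic the Linux kernel later adopted as
 * its generic array_index_mask_nospec(). For idx < size neither term has the top
 * bit set, so the complement is negative and the arithmetic shift yields all ones.
 * Otherwise (size - 1 - idx) wraps, the top bit is set and the mask is zero.
 * There is no branch on idx, so the predictor has nothing to guess. */
static inline size_t index_mask_nospec(size_t idx, size_t size) {
    return (size_t)(~(ptrdiff_t)(idx | (size - 1 - idx))
                    >> (sizeof(ptrdiff_t) * CHAR_BIT - 1));
}

static inline size_t mask_index(size_t idx, size_t size) {
    return idx & index_mask_nospec(idx, size);
}

uint8_t victim_masked(size_t x, size_t array1_size) {
    if (x < array1_size) {
        /* Even under a mispredicted branch the index used here is 0 for bad x. */
        x = mask_index(x, array1_size);
        return array2[array1[x] * PROBE_STRIDE];
    }
    return 0;
}
```

Two caveats a practitioner would check before trusting either hardened form. The barrier only helps if it sits between the compare and the dependent load on every such path, which is the placement problem the article describes; there is no tool that finds those sites for you. And a compiler is free to turn the mask arithmetic back into a branch, which is why the kernel's x86 version pins it with inline assembly (cmp/sbb); inspect the generated object code for the function rather than assuming the C source is what runs.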


PostPosted: Thu Jan 04, 2018 2:43 am 
Joined: Thu Oct 30, 2008 2:37 pm
Posts: 7565
Location: BM-9, BB-30
"The sky is falling. Details at eleven."

...okay it's probably a serious issue, but 1. it's already being patched, and 2. at this point the reaction to "COMPUTER SECURITY FLAWS" can only be "<yawn> Must be Tuesday".

_________________
RLBH wrote:
I'm sorry, but I prefer to carpet-shark my enemies. Much more mayhem, though it must be admitted that the laser-guided shark is cheaper.


PostPosted: Thu Jan 04, 2018 3:04 am 
Joined: Wed Oct 08, 2008 5:35 am
Posts: 5642
Location: Sweden
The Bushranger wrote:
"The sky is falling. Details at eleven."

...okay it's probably a serious issue, but 1. it's already being patched, and 2. at this point the reaction to "COMPUTER SECURITY FLAWS" can only be "<yawn> Must be Tuesday".

Well the slight problem is that patches can only make it a bit harder to exploit. The flaws are hardwired so will remain until replaced.

Or, as someone on twitter put it.
Quote:
bugs, ranked

Heartbleed:
whoops, the internet is burning

Shellshock:
oh no, bash is broken sorry

Meltdown/spectre: we had a nuclear reactor accident twenty years ago and just found it uhhhh yeah good luck

CERT is pretty clear on the only real solution being hardware replacement.
Image

_________________
The Night Watch - A Star Trek Story


PostPosted: Thu Jan 04, 2018 11:41 am 
Site Admin

Joined: Sat Oct 04, 2008 6:02 pm
Posts: 2645
The other problem with this is that the patch to deal with this issue will likely slow a lot of computers down between 10 and 30%! That's enough to be noticeable for a lot of applications. For the average office computer which has had enough horsepower to do normal stuff for over 10 years now (there are machines where I work that are 8 years old and still able to run Windows 10 perfectly well if upgraded to 4 GB of RAM) this will likely not be noticed. For CAD, video and photo editing, games and lots of other demanding applications this will be a very nasty performance hit. It will essentially erase most of the CPU performance progress which has occurred in the last five years.


PostPosted: Thu Jan 04, 2018 12:09 pm 

Joined: Sat Oct 04, 2008 9:02 am
Posts: 16145
Location: Planet Earth, Milky Way, Universe
David Newton wrote:
The other problem with this is that the patch to deal with this issue will likely slow a lot of computers down between 10 and 30%! That's enough to be noticeable for a lot of applications. For the average office computer which has had enough horsepower to do normal stuff for over 10 years now (there are machines where I work that are 8 years old and still able to run Windows 10 perfectly well if upgraded to 4 GB of RAM) this will likely not be noticed. For CAD, video and photo editing, games and lots of other demanding applications this will be a very nasty performance hit. It will essentially erase most of the CPU performance progress which has occurred in the last five years.


Excellent!! Time to buy stock in a CPU manufacturer!! Big Profits, here we come!! :mrgreen:

_________________
I am Charlie


PostPosted: Thu Jan 04, 2018 2:39 pm 
Joined: Sun Oct 05, 2008 7:53 pm
Posts: 1651
Location: The People's Republic of Kalifornia
If you want a more balanced view on this security flaw without sensationalistic journalism, I would recommend reading this excellent article on Anandtech.

https://www.anandtech.com/show/12214/understanding-meltdown-and-spectre


PostPosted: Thu Jan 04, 2018 11:27 pm 
Joined: Wed Oct 08, 2008 5:35 am
Posts: 5642
Location: Sweden
Image

_________________
The Night Watch - A Star Trek Story


PostPosted: Wed Jan 17, 2018 10:35 pm 
Joined: Wed Oct 08, 2008 5:35 am
Posts: 5642
Location: Sweden
Some problems with the patches emerging.
Quote:
Intel: Problem in patches for Spectre, Meltdown extends to newer chips

(Reuters) - Data center computers with Intel Corp's (INTC.O) newer chips might reboot more often than normal because of problems with the patches issued to fix the so-called Spectre and Meltdown security flaws, the company said on Wednesday.

Intel confirmed that patches for the security flaws can cause higher-than-expected reboot rates in Ivy Bridge, Sandy Bridge, Skylake and Kaby Lake processors, said Navin Shenoy, general manager of the data center group, in a statement on Intel’s website.

The Kaby Lake chips are the company's most recent offering.

Last week, Intel said it had received reports that its security patches were causing problems in systems with its older Broadwell and Haswell chips.

Shenoy said that Intel had issued patches for 90 percent of Intel chips released in the past five years but that the company had "more work to do." He also said the company would send out initial versions of fixes for the buggy patches to customers by next week.

"We have reproduced these issues internally and are making progress toward identifying the root cause," Shenoy wrote.

On Jan. 3 Intel confirmed that the Spectre and Meltdown flaws affected its chips, potentially letting hackers steal information believed to be very secure.

The Spectre flaw affected nearly every modern computing device, including those with chips from Intel, Advanced Micro Devices Inc (AMD.O) and ARM Holdings.

Intel on Wednesday also quantified how much of a performance hit the patches cause for data center customers. For common tasks such as running website servers, the patches caused a 2 percent slowdown, Intel said. Another test that simulated online transactions at a stock brokerage showed a 4 percent slowdown, the company said.

For some types of work involving servers that store large amounts of data and try to retrieve it quickly, the company said the slowdown could be as severe as 18 percent to 25 percent. However, it wasn't immediately clear how common those situations were.

(Reporting by Stephen Nellis; editing by Grant McCool)

_________________
The Night Watch - A Star Trek Story


PostPosted: Thu Jan 18, 2018 10:18 am 
Joined: Sun Oct 05, 2008 6:48 pm
Posts: 4263
Location: UK
So...
1) Do not trust the cloud ?

2) Keep your Nortons etc current ??

3) Next time, specify a couple more real cores on your CPU ???

_________________
'P for Pleistocene' A camp-out goes impossibly wrong...


PostPosted: Fri Jan 19, 2018 2:28 pm 

Joined: Tue Oct 07, 2008 12:22 am
Posts: 141
Nik_SpeakerToCats wrote:
So...
1) Do not trust the cloud ?

The largest cloud providers all patched a month before this issue was revealed. The cloud is safer than your personal network, and safer than many (though not all) enterprise networks.

Quote:
2) Keep your Nortons etc current ??

For home, use Windows Defender and keep it current. Maybe MalwareBytes if you have a specific case. I would not use any other antivirus program.

Quote:
3) Next time, specify a couple more real cores on your CPU ???

The performance impact is strongly dependent on workload, and will primarily affect I/O-intensive tasks. Compute-bound or interactive tasks are not affected much.
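
An added example, not from the Ars article, the Reuters piece or anyone in this thread, for the workload-dependence point made above and in the article's "five million kernel calls per second" figure: a small microbenchmark you can run before and after the Meltdown patch to see the cost on your own machine. The Meltdown fix (KPTI on Linux) makes every entry into the kernel switch page tables, so a tight loop of syscalls is the worst case, while a loop of pure user-mode arithmetic that never enters the kernel is the control that should not move. The article says Linux and Windows let users opt out; on Linux that is the `nopti` / `pti=off` kernel command-line parameter, which is the one way to get a same-kernel comparison. The code is Linux-specific (it uses the raw syscall() wrapper so the C library cannot answer getpid from a cached value); iteration counts are arbitrary.

```c
/* Added example (not from the article or the thread): syscall throughput
 * vs. a compute-only loop, to measure the Meltdown patch's cost on this host. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdint.h>
#include <time.h>
#include <unistd.h>
#include <sys/syscall.h>

static volatile uint64_t g_sink;   /* keeps the compute loop from being optimised away */

static double elapsed_seconds(const struct timespec *a, const struct timespec *b) {
    return (double)(b->tv_sec - a->tv_sec) + (double)(b->tv_nsec - a->tv_nsec) / 1e9;
}

/* Kernel entries per second. syscall(SYS_getpid) always traps into the kernel,
 * unlike getpid(), which some C library versions cache in user space. */
double syscalls_per_second(unsigned long iterations) {
    struct timespec t0, t1;
    clock_gettime(CLOCK_MONOTONIC, &t0);
    for (unsigned long i = 0; i < iterations; i++)
        (void)syscall(SYS_getpid);
    clock_gettime(CLOCK_MONOTONIC, &t1);
    return (double)iterations / elapsed_seconds(&t0, &t1);
}

/* Same loop shape with no kernel entry at all: the control. The page-table
 * switch added by the patch never happens here, so this rate should not change. */
double compute_ops_per_second(unsigned long iterations) {
    struct timespec t0, t1;
    uint64_t v = 0x9E3779B97F4A7C15ull;   /* arbitrary seed */
    clock_gettime(CLOCK_MONOTONIC, &t0);
    for (unsigned long i = 0; i < iterations; i++)
        v = (v ^ (v >> 7)) * 0x2545F4914F6CDD1Dull + i;
    clock_gettime(CLOCK_MONOTONIC, &t1);
    g_sink = v;
    return (double)iterations / elapsed_seconds(&t0, &t1);
}

int main(void) {
    double sys = syscalls_per_second(1000000UL);
    double cpu = compute_ops_per_second(1000000UL);
    printf("syscalls per second:    %.0f\n", sys);
    printf("compute ops per second: %.0f\n", cpu);
    printf("ratio compute/syscall:  %.1f\n", cpu / sys);
    return 0;
}
```

Run it twice, once with the patched kernel and once booted with the opt-out, and compare the first number; the second should be within noise. A tight getpid loop overstates what real software sees, since nothing useful is done between kernel entries, so treat it as an upper bound on the per-call cost rather than a prediction for CAD or games, which mostly stay in user mode.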

