If this first week is any indication, 2018 could mark a significant paradigm shift in trusted computing and open source hardware.

Chip makers have been very effective at adding enhancements that greatly improve application performance, but the revelation of Spectre and Meltdown makes it clear that more attention needs to be paid to hardware-level security. These attacks abuse certain performance features to leak information in violation of fundamental security constraints.

Meltdown, which at this time is only known to impact Intel-based CPUs, exploits out-of-order execution to gain unrestricted read access to system memory. This has particularly devastating impacts for systems relying on isolation techniques like containerization or paravirtualization for security since an attacker can break through the isolation to read from co-located instances.

Spectre, which is known to impact virtually all modern processors, is a class of microarchitectural attacks that abuse the way processors perform branch prediction through speculative computation to read confidential information from a process. Perhaps the most shocking revelation of Spectre is that the researchers were able to create a side channel to leak memory from a Chrome browser process via JavaScript.

It is also worth noting that these attacks were found independently by two separate research efforts.

In addition to the team of esteemed researchers behind Spectre and Meltdown, Google’s Project Zero was also working with Intel, AMD, and ARM as outlined in their blog post: Reading privileged memory with a side-channel. It is unknown at this time whether any other groups had private knowledge of these flaws prior to this disclosure.

Due to the low-level nature of these bugs, fixing them is non-trivial. Meltdown requires considerable changes to the way the OS provides memory isolation. Fortunately, an effective design was previously published by a team including some of (Read more...)
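Since the fixes land in the OS, the practical question for a defender is whether a given Linux host has them. The following is an added example (not from the original post) that reads the per-vulnerability status files the Linux kernel exposes under /sys/devices/system/cpu/vulnerabilities/ and classifies each one; the SAMPLE dictionary is constructed so the script also runs where that directory is absent.

```python
"""Classify Linux kernel mitigation status for Meltdown and Spectre."""
from pathlib import Path

SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
# Status files for the three original variants.
CHECKS = ("meltdown", "spectre_v1", "spectre_v2")


def classify(status: str) -> str:
    """Map a kernel status line to 'ok', 'vulnerable' or 'unknown'."""
    s = status.strip()
    if s == "Not affected" or s.startswith("Mitigation:"):
        return "ok"
    if s.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"  # unrecognised text; treat as needing a look


def read_status(directory: Path = SYSFS_DIR) -> dict:
    """Return {name: (raw_text, verdict)} for each check."""
    report = {}
    for name in CHECKS:
        f = directory / name
        if not f.exists():  # kernel predates the interface, or not Linux
            report[name] = ("<missing>", "unknown")
            continue
        raw = f.read_text().strip()
        report[name] = (raw, classify(raw))
    return report


def needs_attention(report: dict) -> list:
    """Names whose verdict is not 'ok', sorted for stable output."""
    return sorted(n for n, (_, v) in report.items() if v != "ok")


# Constructed sample mirroring a partially patched host: page-table
# isolation is on for Meltdown, but Spectre v2 is still reported vulnerable.
SAMPLE = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: __user pointer sanitization",
    "spectre_v2": "Vulnerable: Minimal generic ASM retpoline",
}


def classify_sample(sample: dict = SAMPLE) -> dict:
    """Classify an in-memory sample instead of live sysfs files."""
    return {n: (raw, classify(raw)) for n, raw in sample.items()}


if __name__ == "__main__":
    rep = read_status() if SYSFS_DIR.is_dir() else classify_sample()
    for name, (raw, verdict) in rep.items():
        print(f"{name:12} {verdict:10} {raw}")
    print("needs attention:", needs_attention(rep))
```

On a live host the script reads sysfs directly; an "unknown" verdict for a missing file means the running kernel does not report the status at all, which is itself worth noting.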