What are Meltdown and Spectre?


Security researchers discovered multiple vulnerabilities earlier this year that affect practically every PC, laptop, and smartphone on the market. The flaws, known as Spectre and Meltdown, lie in the design of modern CPUs and allow personal data (passwords, e-mail, and browsing history) to be read from memory by abusing the processors' Speculative Execution and Branch Prediction features. These are performance-enhancing technologies that let a processor execute instructions ahead of time and predict which execution path a program will take next.

Meltdown is thought to be relatively straightforward to fix. Spectre, however, arises from the nature of Speculative Execution itself, so we will most likely have to settle for mitigations rather than a complete cure.

As a result, until processor architectures are revised, there will be a risk of system compromise for years to come. Exploits of these weaknesses are not detected by standard user countermeasures (antivirus, etc.) and leave no trace in traditional system log files. Because the situation is fluid, it is critical to keep devices up to date and keep a close eye on vendor announcements.

How do they work?

Understanding how Meltdown and Spectre function necessitates a foundational knowledge of CPU design (recall that CPUs are the "brains" of your devices).

CPUs execute all of the instructions that make your device's applications work. In the past, clock speed determined how fast a CPU could run, and Intel and AMD, the two major processor manufacturers, were neck and neck in the race to raise it. When they realized they could not raise clock speeds much further, they looked for new ways to process data and instructions even faster, which led to the development of speculative and out-of-order execution.

Speculative execution

Speculative execution boosts processing speed by letting the CPU guess (or speculate) which instructions or steps will follow and start executing them early. The guess is correct some of the time, but not always. That means the CPU will sometimes execute a portion of a program or snippet of code, only to discard the result later when the guess turns out to be wrong and a different instruction is actually needed. By observing which instructions are coming next and retrieving the memory involved in those future operations, an attacker exploiting this predictive (speculative) process can break in and run malware that steals data. Spectre can also reach data that was loaded speculatively and then discarded, including sensitive information like passwords.

Out-of-order execution

Out-of-order execution (or dynamic execution), like its speculative counterpart, lets the CPU "think" ahead. Instead of waiting for instructions to complete in strict program order, out-of-order execution lets the chip execute whichever instructions have their inputs available at the time, regardless of their position in the program.

Meltdown and Spectre: What's the Difference?

Meltdown and Spectre are two variants of the same underlying weakness. Meltdown breaks the barrier between user applications and the operating system, allowing an attacker to read system memory belonging to the OS and to other applications. Meltdown affects Intel x86 microprocessors as well as various ARM and IBM processors. Spectre works a little differently: it breaks the isolation between applications, allowing an attacker to read data from other programs. Spectre attacks are more difficult to carry out and more difficult to defend against, and they work on almost every kind of computer chip.

What are the dangers of Spectre and Meltdown?

Spectre and Meltdown allow attackers to steal encryption keys and passwords from affected computers, which in turn enables further attacks that require access to those systems. Exploiting Spectre and Meltdown does not require the user to run a maliciously crafted executable: JavaScript-based proofs-of-concept have demonstrated that these vulnerabilities can be exploited from inside a web browser. (In response, browser vendors reduced the precision of the high-resolution timers needed to carry out an attack successfully.)

In cloud environments, attackers can use Spectre and Meltdown to escape software containers, para-virtualized systems, and virtual machines.

As stand-alone vulnerabilities, Spectre and Meltdown are inefficient for large-scale data exfiltration: according to preliminary research, Meltdown reads data at roughly 120 KB/s and Spectre at 1.5 to 2 KB/s. In addition, Spectre-BTB (Variant 2) takes 10-30 minutes to initialize on a system with 64 GB of RAM, and that time is expected to scale "approximately linearly" with host RAM size.

Spectre and Meltdown exploits can be carried out invisibly, leaving no trace of the exploitation in system logs. This makes the pair harder to detect in targeted malware campaigns, although known malware signatures can still be identified using traditional methods.

Today's Meltdown and Spectre flaws

Patches for the CPU flaws were released shortly after the security issues were made public. Microsoft, Apple, Google, and Intel released patches for the Windows, Linux, and OS X platforms, and the majority of cloud providers have patched their systems as well. Because the fault is at the hardware level, these issues cannot be fixed entirely; nevertheless, most updates include a workaround for the majority of concerns. Some fixes had side effects: changes to the Linux kernel, for example, slowed the system down to the point where they had to be removed. Users should still make sure their browsers and PCs are up to date. Older operating systems, such as Windows XP, will certainly not be patched. At least two dozen variants of Meltdown and Spectre have appeared since the first disclosures, including Speculative Store Bypass, Rogue Data Cache Load, and Branch Target Injection.

Leading CPU manufacturers are designing new CPUs that defend against the Spectre and Meltdown problems, although some of them may not be resistant to the more recent variants of the two main flaws.

How to detect the threat?

The Meltdown and Spectre flaws affect such a wide range of devices that you are almost certainly at risk. However, according to cybersecurity experts, it is worth noting that neither vulnerability has yet been exploited in the wild. Intel and others began working on patches promptly after researchers uncovered the flaws (and wrote their proof of concept). Furthermore, because Meltdown and Spectre do not leave behind logs the way typical malware does, it will be difficult to tell whether either flaw has been used against you. In short, while the Meltdown and Spectre vulnerabilities are almost surely present on your devices, it is doubtful that you have been targeted. Fortunately, you can do a few things to avoid falling prey to these horrible security flaws.

How can you guard against the Meltdown/Spectre flaw?

Aside from replacing a PC's chip, the only way to close the vulnerability is to patch the operating system. Early in December, Apple quietly delivered a Meltdown patch for OS X, while Microsoft released a Windows patch on January 3rd, and Linux developers are currently working to put together a patch.

These Meltdown fixes will, by design, slow down PCs running the patched OS, which is an undesirable side effect. The slowdown is expected to reduce performance by 5-30%, depending on the type of chip and the tasks being performed.
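Since the only practical defence is the OS patch, a practitioner will want to confirm that the kernel's mitigations are actually active. The script below is an added example, not part of the original article: it reads the per-flaw status files the Linux kernel exposes under /sys/devices/system/cpu/vulnerabilities/ (present since kernel 4.15) and summarises them. The --sample flag and the sample status strings are constructed for this example so it also runs where that directory does not exist.

```shell
#!/bin/sh
# Added example, not from the original article: summarise the Linux kernel's
# own report of Meltdown/Spectre mitigation status. Kernels since 4.15 expose
# one file per flaw under /sys/devices/system/cpu/vulnerabilities/, each
# holding a line such as "Not affected", "Vulnerable" or "Mitigation: PTI".
SYSFS_VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# Map one kernel status line to a short verdict.
classify_status() {
    case "$1" in
        "Not affected"*) echo "not-affected" ;;
        Mitigation:*)    echo "mitigated" ;;
        Vulnerable*)     echo "vulnerable" ;;
        *)               echo "unknown" ;;
    esac
}

# Print "<flaw> <verdict> <raw line>" for every file in a vulnerabilities
# directory; return 1 if any flaw is still vulnerable or unrecognised,
# 2 if the directory is missing (old kernel or not Linux).
report_vulnerabilities() {
    dir="${1:-$SYSFS_VULN_DIR}"
    [ -d "$dir" ] || { echo "no $dir on this host" >&2; return 2; }
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        line=$(cat "$f")
        verdict=$(classify_status "$line")
        printf '%-20s %-13s %s\n' "$(basename "$f")" "$verdict" "$line"
        case "$verdict" in vulnerable|unknown) rc=1 ;; esac
    done
    return $rc
}

# Build a constructed sample tree (not real kernel output) so the script can
# be exercised on any machine; the strings follow the kernel's format.
make_sample_tree() {
    d=$(mktemp -d)
    printf 'Mitigation: PTI\n'                        > "$d/meltdown"
    printf 'Mitigation: __user pointer sanitization\n' > "$d/spectre_v1"
    printf 'Vulnerable\n'                             > "$d/spectre_v2"
    printf 'Not affected\n'                           > "$d/spec_store_bypass"
    echo "$d"
}

# Run against the sample tree with --sample, otherwise against the live host.
if [ "${1:-}" = "--sample" ]; then target=$(make_sample_tree); else target=$SYSFS_VULN_DIR; fi
if report_vulnerabilities "$target"; then
    echo "all reported flaws are mitigated or not applicable"
else
    echo "at least one flaw is still vulnerable or status unavailable: update kernel/microcode"
fi
```

A "Vulnerable" entry on a patched distribution usually means the CPU microcode update is missing rather than the kernel patch, so check both.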

Updated on: 15-Mar-2022
