Meltdown and Spectre
Security remains a major concern for organizations. The recent vulnerabilities Meltdown and Spectre have put organizations at considerable risk. Meltdown and Spectre leak the confidential information stored on your devices. Modern processors and cloud are vulnerable to Meltdown and Spectre, which forces system architects to redesign the processors. Though these vulnerabilities have some common characteristics, they are distinct. Meltdown breaks the isolation between the user memory & kernel and allows to read the unprivileged data stored in the cache. On the contrary, Spectre breaks the isolation between the processes. It is essential to know how these vulnerabilities exploit your processors. Let’s see.
Demystifying the security breaches
Modern processors are designed to provide quick outputs using a technique, Speculative Execution. It stores all of your operational instructions (Inputs) in the cache memory to provide quick access. But these data are not secure, and hackers can easily steal these data.
The cache memory stores the copy of your instructions (inputs) to provide quick access to data. The instructions are the operations performed earlier.
For example, you visit a website for the first time. It takes time to load the logo, images on the page, etc. The next time you are visiting the same website, but it loads within seconds. What happens is the browser cache stores the copy of the website logo and the images on the local computer and fetches the data quickly.
The name suggests that the results executed based on the guesswork.
For example, a user has visited a website which has multiple language options. But he customized it with his preferred language, English. The user revisits the same website after a few days. Now the website displays in the English language, which means the website understands the preference of the user and displays according to it. This mechanism of providing faster results based on the user activities is Speculative Execution.
Side channel attack:
It is more like a trial and error. The hackers will look for the secret value stored in the cache memory. It might be your password or other business-critical data.
Imagine, the password is HELLO.
The hacker types A, the system looks for the value in the cache. If not so, then it will check with the main memory which takes a lot of time.
The hacker types B, the system will undergo the same process and reject the value if it is not available in the cache.
Eventually the hacker types H, the value stored in the cache. Therefore, it takes minimum time.
The hacker will note the time difference. It becomes clear the value H is in the cache. This mechanism of stealing data is Side Channel Attack.
Building a robust defense
Stay safer by practicing the following methods
- Make sure your patches are up-to-date
- Turn on the chrome site isolation to protect your browser
- Install UEFI (Unified Extensible Firmware Interface) and BIOS (Basic Input/Output System) update manually from your PC manufacturer’s website
- Use Microsoft’s Powershell script to check your system is protected or not
To know more about Microsoft Powershell Script, check this site: http://ow.ly/JhIc30iUuDq
Saravana kumar. S
Assistant Program Manager – IMS