Chip Defaults: What You Need to KnowAugust 22, 2019
Publicly disclosed in January 2018, design defects found predominantly in processors manufactured by Intel have left virtually every computer on the planet, as well as the data centers that essentially run the Internet, vulnerable to cyber attacks. While there are software patches to address the vulnerabilities, they can considerably impact the speed of your computers and servers. Here is what you need to know.
What structural flaws were found?
Security researchers have found structural flaws in central processors, the brains of any computing device. These flaws allow access to the memory in the kernel, the machine’s most privileged inner sanctum. This is where private files, passwords or cryptographic keys (used to encrypt and decrypt data) are kept. The flaws also allow access to protected data in the cache (information stored to make processing faster).
Most of these design defects were found in chips manufactured by Intel, which makes about 90 percent of the world’s computer processors and 99 percent of the server chips in the data centers that effectively run the Internet.
Why do these flaws exist and how long have they been there?
The structural flaws are a result of the way Intel originally engineered their chips as far back as 1995. In their pursuit for an ever-faster processor, processor manufacturers implemented a functionality known as speculative execution. In simple terms, this function anticipates a user’s needs and accesses information to speed up load time. Intel’s approach to speculative execution introduced a structural flaw that was discovered in 2017, when researchers learned that “secure” areas of the chip were actually vulnerable to hacking.
What security vulnerabilities could exploit these flaws?
Since the initial disclosure of the flaws, seven vulnerabilities have been uncovered: Meltdown, Spectre, Foreshadow, Zombieload, RIDL, Fallout and SWAPGS (just disclosed in early August 2019). Spectre affects all modern processors, but is also much more difficult for a hacker to utilize. The other exploits are specific to Intel processors, and researchers have found are much easier for a hacker to implement successfully.
Many security analysts agree these vulnerabilities are catastrophic as they allow malicious actors to bypass system security protections present in nearly every computing device with a central processor.
Which processors are most susceptible to these security vulnerabilities?
Not all processors are subject to these exploits. Intel processors are susceptible to all of the exploits because of the way they implement speculative execution in their design, which introduced a flaw that could allow those with unauthorized access to view protected data. As the dominant player in the market, these Intel chips are virtually in every computer and data center on the planet.
Intel’s closest competitor, AMD, is only subject to Spectre, as they have a different chip architecture that does not have the same flaws as Intel.
How does this harm cloud computing services?
On cloud computing services, like Amazon Web Services, Google Cloud Platform or Microsoft Azure, multiple virtual machines coexist in the same physical server. If malicious code is implemented on one of these virtual machines, it could peer into the most protected parts of its neighbors. Cloud computing providers and the small businesses who depend on them could face catastrophic impacts if these vulnerabilities are exploited. Many of these services have installed software patches to address these vulnerabilities; however, users have reported slower performance. Make sure to talk with your IT departments to determine if any of these patches have been implemented into the systems you use.
Have there been any reported attacks?
These attacks do not leave any trace, so it would be impossible to know unless the hacker publicized it.
What can be done to address these flaws?
Intel and the other companies as well as their customers (Google, Microsoft, Apple) have released a series of patches in an attempt to address these exploits. However, the underlying structural flaws remain, and more exploits continue to be discovered. The SWAPGS vulnerability was just announced on August 6, 2019, and patches have been released (this exploit is again Intel only according to researchers).
It is important to note that some patches can significantly undermine computer performance – some reports indicate from five to 40 percent. Some businesses have reported increased expenses due to the need to purchase additional server capability and higher energy consumption, or from price increases passed down by cloud computing or virtual machine providers that have also needed to mitigate the exploits.
The only true fix to repair the security flaws would be to exchange each defective chip for a new device that is not subject to vulnerabilities and compromises in performance. However, that would be very costly. It is important to consult with your IT departments to understand what generation of processors you are currently using, if any software updates have been implemented to address these security vulnerabilities, performance impacts, and what other options you may have.
Take a deeper dive:
In an episode of the Broken Silicon podcast, for example, an anonymous server engineer noted that Intel’s security flaws are like a “natural disaster” – low frequency, high impact issues that many IT experts are unprepared for. Following the installation of the Spectre patch, the engineer “instantly saw a 20 percent performance hit” and once he added on the Meltdown patch, he saw a 30 percent performance hit with hyperthreading disabled. When hyperthreading was enabled he was seeing performance hits upwards of 50 percent. Additionally, following the installation of these patches, he saw his costs increase by $140 per month as each additional watt of power needed to run a server costs $15.