New Spectre-Like Attacks

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago.


The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process, as the team explains in a writeup from the University of Virginia. Even though the processor quickly realizes its mistake and does a U-turn to go down the right path, attackers can get at the private data while the processor is still heading in the wrong direction.

It seems really difficult to exploit these vulnerabilities. We’ll need some more analysis before we understand what we have to patch and how.

More news.

Posted on May 5, 2021 at 10:35 AM • 22 Comments


metaschima May 5, 2021 12:33 PM

It’s inevitable that more such vulnerabilities will come up. In the beginning when designing a processor the focus was on performance not security. That has stayed for far too long, I think these companies have to go back to the drawing board and make security number one and performance second. These vulnerabilities will continue to come.

Clive Robinson May 5, 2021 2:57 PM

@ metaschima, ALL,

These vulnerabilities will continue to come.

Yup, back when Spectre/Meltdown were the first of the CPU “go faster stripes” to go ker-boom I did say that CPU hardware faults giving side channels would be,

“The Xmas Gift that keeps giving”

And so far that is what has happened, and I can see a lot more coming…

This current one is unlikely to be fixed easily or without a significant performance hit.

Whilst many users will not notice very much (Most Office apps spend over 90% of their time in an idle loop waiting on user input) others will notice a lot, especially those running servers, especially those providing cloud services.

The sensible thing if you need the speed is to disconnect your system from all communications, thus it can not be attacked by these issues.

Not so for cloud servers and people trying to use them as for that communications are essential.

Which really should make people question the wisdom of using cloud services as these sort of CPU issues are not going to go away any time soon…

SpaceLifeForm May 5, 2021 9:13 PM


Editor’s Note, May 5, 2021: This story has been updated.

In response to a significant amount of global media coverage about the newly discovered vulnerability, Intel released a statement May 3 suggesting that no additional mitigation would be required if software developers write code using a method called “constant-time programming,” not vulnerable to side-channel attacks.

[This should be the case when dealing with crypto code anyway. Smells like spin. I suspect it can still leak unless SMT is disabled]

Clive Robinson May 6, 2021 2:57 AM

@ SpaceLifeForm, ALL,

Smells like spin.

It’s worse than that and if Intel do not know that then they should not be making CPUs.

Whilst “constant-time programming” can be written to be not vulnerable to side-channel attacks, it’s really not at all easy.

Worse, it places large time penalties on software. That is, all Intel are really saying is,

“If you write really inefficient code that circumvents all the CPU “go faster stripe” hardware tricks, even though it will be slower to develop and execute than us fixing the hardware problem, it means we don’t have to fix it or get hit with a recall on a decade of CPU sales which will bankrupt us”…

As you are aware I’ve been warning against “Marketing Spec-manship” for a couple of decades. Because it was obvious that without extreme care covert side channels, be they time or power based, would open up.

My basic warning as always is,

“Security -v- Efficiency”

As a general rule the more you have of one the less you have of the other.

Just remember the following,

At the moment researchers are only looking at ‘TIME’ based side channels, there are several other classes of side channels including ‘POWER’ and ‘SPECTRUM’ and some more that are even more esoteric.

And those are ‘Passive’ TEMPEST type attacks, there are also ‘Active’ injection type attacks I’ve mentioned before, to add to the ever growing pile…

And people wonder why I talk about using Energy Gapping and two computers, one that is ‘gapped’ for activities that require confidentiality or privacy (ie all activities). And one that forms a communications end point that is assumed to be ‘Public Broadcast’ in nature. The trick is developing a secure gap crossing technique where not only is traffic encrypted, it’s also designed to make getting malware across very difficult and to instrument it for signs of someone trying to push malware across.

I could go on, I have in the past, however,

As you say “Just saying”…

Winter May 6, 2021 3:39 AM

“And those are ‘Pasive’ TEMPEST type attacks, there are also ‘Active’ injection type attacks I’ve mentioned before, to add to the ever growing pile…”

These all are based on the adversary having access to the CPU/Core. The main application would then be virtualized servers in the cloud.

What is the alternative? No cloud data processing? Then the question comes up, is that any more secure? The main security problem is software maintenance, updates and settings. Maintaining your own servers might be less secure than being open to this attack.

For individuals using their own computer, the attack vector could be e.g., Javascript applications. But these require different strategies to counter.

wiredog May 6, 2021 4:59 AM

These are extremely difficult attacks to pull off remotely. (If you’re not remote, then presumably you will be able to pull off other, easier, attacks.) The attacker has to be running their code on the same CPU as the target, and how will you know you’re on the same CPU as the target anyway? So there’s another attack you have to carry out before you can carry out this one. If your data is so valuable that someone will use this type of attack on you then you shouldn’t be on Azure or AWS anyway.

Dave May 6, 2021 5:10 AM

@SpaceLifeForm: That’s a complete cop-out from Intel, sort of like responding to a problem report by saying that all programmers need to do is write bug-free code and the problem goes away. Constant-time code is nearly impossible to write, particularly since any microarchitectural change can immediately make it non-constant-time again.
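An added illustration (not code from the thread or from Intel) of what the “constant-time programming” Intel points to, and Dave calls nearly impossible, actually asks of code: the same byte comparison written with an early exit and written so that every byte is always visited and no branch depends on the data. The inspected-byte counter is an assumption of this example, a measurable stand-in for timing; as Dave notes, the compiler and the microarchitecture can still undo the property, which is why such code is normally checked at the assembly level.

```c
#include <stddef.h>
#include <stdint.h>

/* Both functions compare n bytes of a guess against a secret and report how
   many secret bytes were inspected, so the difference in work done is
   observable without a timer (the counter is an instrumentation aid only). */

/* Early-exit comparison: the loop stops at the first mismatch, so the number
   of iterations, the elapsed time and the instruction stream the CPU front
   end (and micro-op cache) sees all depend on how many leading bytes match. */
int compare_early_exit(const uint8_t *secret, const uint8_t *guess,
                       size_t n, size_t *bytes_inspected)
{
    for (size_t i = 0; i < n; i++) {
        if (secret[i] != guess[i]) {
            *bytes_inspected = i + 1;
            return 0;
        }
    }
    *bytes_inspected = n;
    return 1;
}

/* Constant-time comparison: every byte is always visited and mismatches are
   folded with XOR/OR, so control flow does not depend on the data. The final
   0/1 reduction is arithmetic rather than a comparison so there is no
   conditional for the compiler to turn back into a branch. */
int compare_constant_time(const uint8_t *secret, const uint8_t *guess,
                          size_t n, size_t *bytes_inspected)
{
    unsigned int diff = 0;
    for (size_t i = 0; i < n; i++) {
        diff |= (unsigned int)(secret[i] ^ guess[i]);
    }
    *bytes_inspected = n;
    /* diff is 0..255: (diff - 1) wraps to a large value only when diff == 0,
       so bit 8 of the result is set exactly when the inputs are equal. */
    return (int)(((diff - 1U) >> 8) & 1U);
}

/* Branch-free select, the other half of the discipline: pick a when cond is
   1 and b when cond is 0 using a mask, so a secret-dependent choice does not
   become a secret-dependent jump. */
uint32_t select_constant_time(uint32_t cond, uint32_t a, uint32_t b)
{
    uint32_t mask = (uint32_t)0 - (cond & 1U);   /* 0xFFFFFFFF or 0 */
    return (a & mask) | (b & ~mask);
}
```

With a guess that matches only the first three bytes of an eight-byte secret, the early-exit version reports four bytes inspected while the constant-time version always reports eight.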

Clive Robinson May 6, 2021 8:46 AM

@ Winter,

What is the alternative?

There are many that exist currently, and it’s reasonably certain to say there will, just like hardware and software bugs, be more in the future.

The problem is “instances -v- classes”. It is pointless coming up with a solution for any given instance, that is the “bolt another kludge on till it breaks under the weight of kludges”. I’ve mentioned this before and used “Victorian artisanal steam engine builders” as a historic example of the wrong direction to go in.

What you need is properly designed systems for security. That is, ones that cover many “known classes” and also “unknown classes”. The easiest way to do this is by “encapsulation and segregation”. Put a machine inside a Faraday cage with isolated power supply and user, and whilst malware or bugs on the system could crash it or do other “Denial Of Service” (DOS) attacks, it can not directly leak information as there is no direct communications path. However DOS can have knock-on effects, and it could result in leaks of information in other ways from outside the energy gapped perimeter[1].

No cloud data processing?

Accessible systems or systems outside of your security perimeter are currently by definition “outside of your control”, thus they are not secure without suitably robust protections. The three areas you need to consider are,

1, Communications,
2, Storage,
3, Processing.

For the first two there are known ways of protecting the information via encryption. However currently we can not encrypt the third in anything close to an effective manner. So “NO” cloud processing, it is most definitely not something you want to be doing at any time if you have a duty of confidentiality or need privacy. As far as the West is concerned all commercial entities have a duty of care with regards confidentiality. As Elon Musk found, being honest about things can get you million dollar punitive fines from the likes of the SEC. As others have found you can be litigated against by shareholders or other investors as well as competitors and agencies…

Then the question comes up, is that any more secure? The main security problem is software maintenance, updates and settings.

Much of the problems with software is that it is so very vulnerable when on a system with communications because it can be seen by others, thus attacked.

As a rule of thumb all commercial grade software is released before it should be, and is in no way designed for security (you can not “bolt it on”, thus anything that has legacy code has legacy vulnerabilities). For instance Win10 has legacy code in the kernel going back at least as far as NT4 if not earlier, it’s why 20-year or older vulnerabilities come up from time to time.

If you correctly isolate systems then the vectors by which they can be attacked become irrelevant as far as outsider attacks are concerned, because no outsiders can get to the system as it has no communications[2].

Maintaining your own servers might be less secure than being open to this attack.

That depends on where and how you set the security perimeter. As a rough rule of thumb the further out you set the security perimeter, the easier it is to set up and maintain. Trying to secure a computer with external communications is at best going to fail in a short order of time. This leads to the administrators’ “Hamster Wheel of Pain” where it matters not a jot how hard you run, you never get anywhere. Because every piece of hardware you use, every piece of software you install and every patch you apply bring unknown vulnerabilities that will sooner or later become known.

As it’s a game you can never win, why bother playing it? Instead play a game you have a way better than evens chance of winning.

As Sun Tzu and many others since have said,

1, Pick your choice of battle grounds.
2, Fight to your advantage, not the enemy’s.
3, Don’t get trapped by the enemy into fighting on their choices, ground or terms.

If you follow those rules then even when the numbers favour the enemy thousands to one you can still fight and eventually by attrition get them to retreat, give up, or capitulate. We call this “Asymmetrical Warfare” and with care the smaller forces can defeat the superior forces much of the time.

[1] Whilst data can not be leaked directly from an Energy Gapped system, information can leak as meta-data or meta-meta-data. That is, a user may respond in certain ways once outside of the gapped perimeter. Which could be meta-data via changes in external operating procedure, or meta-meta-data, such as a change in routine, ordering in pizza, or increased energy usage for lights, coffee machine, toaster/oven, microwave that could be seen via a Smart Meter that samples both voltage and current as well as the phases between them at up to 600 times a second and sends data back via the Cellular data network to any point in the world.

[2] As for insider attacks, the old “access to the front panel” saying still holds when data is not encrypted (ie being processed). There are various mitigations and techniques that can minimise insider attack risk, but if a user or administrator can see the data or encryption keys then it’s game over. Obviously users are meant to see unencrypted data as that is what they work with. However there are some ways where nobody gets to see the encryption keys, but that is a subject for another day about HSMs that don’t have a stellar record of getting things right (due to poor design choices at some point in time).

Clive Robinson May 6, 2021 9:19 AM

@ WireDog,

These are extremely difficult attacks to pull off remotely.

Define “remotely”…

The reality is only the “instrumentation” has to be local, and slipping instrumentation onto a remote machine is not as hard as it is often made out to be.

The attacker has to be running their code on the same CPU as the target

Yes and no, there has to be some “instrumentation” running on the CPU, but attackers in the past have been adept at repurposing other people’s code like DLLs. Also there are the ring -3 issues to consider, that is one heck of a “black box” that has proved vulnerable in the past, as have other security features on CPUs. Put simply “we the public” don’t know, but it’s reasonably certain that some such as Level III entities do.

[a]nd how will you know you’re on the same CPU as the target anyway?

Well, unless you are talking about individuals in their homes, it’s not too difficult to make assumptions based on “bulk purchasing”.

But then you know that anyway,

If your data is so valuable that someone will use this type of attack on you then you shouldn’t be on Azure or AWS anyway.

Which is my point exactly. “Cloud Computing”, be it as running your own software or someone else’s software, is not a secure thing to do no matter what promises, contractual or otherwise, you get given. Security, confidentiality and privacy basically follow power: if you do not have the power to enforce them, then you have no security, confidentiality or privacy. Worse, even where you may have sufficient power over the cloud provider, as say the US Gov does, that does not change the fact that the cloud service provider has no power over attackers, so at the end of the day you still do not end up with security, confidentiality, or privacy, as long as an attacker can gain access from a communications method of some form…

Clive Robinson May 6, 2021 9:24 AM

@ Dave, ALL,

Constant-time code is nearly impossible to write, particularly since any microarchitectural change can immediately make it non-constant-time again.

And those problems are not going to change any time soon, especially “microarchitectural change”. Marketing are not going to give up on the “Go faster stripes” model they have stuck to “like turd to a blanket” for the past half century or so…

TRX May 6, 2021 9:49 AM

The trick is developing a secure gap crossing technique

For one customer who valued security, I cobbled up a serial connection between “inside” and “outside” networks, that copied data files from one to the other every ten seconds using a cron script. Originally it was to send print jobs from inside to the printers on outside, instead of buying a bunch of extra printers. Later, it moved documents and even basic SMTP email.

It wasn’t as secure as sneakernet, but it was a good balance between convenience and security.

In the end the email part got to be its main use, and with the shift to “rich” mail formats, external links, and file attachments from customers, plain-text-only offline SMTP wasn’t sufficient for their purposes.

Their current system has separate computers with separate wiring and switches hooking them to the internet, a bunch of new printers, and… sneakernet to the inner and outer networks, which are physically separated from each other as well as the internet.

wumpus May 6, 2021 10:52 AM


Anything with javascript, java, and anything similar will allow you to trivially insert your script on a client. No idea if it will complete the attack in time to get useful information.

You might be able to limit malicious Android apps’ direct access to data, but good luck keeping the user from installing them. This might be a method of last resort for dredging the phone for data.

Getting into a server should be hard, but I really have to wonder. And as Clive mentions, if you buy enough Cloud time, sooner or later you should be running next to just about everything run in that AWS datacenter.

I’m also starting to wonder if only threads from the same process should be allowed to work together in SMT cores. Might be the most extreme example, but probably sufficiently effective (you should have enough cores for your tasks without enough extra threads).

Winter May 6, 2021 11:00 AM

” And as Clive mentions, if you buy enough Cloud time, sooner or later you should be running next to just about everything run in that AWS datacenter.”

Would it help against this attack if your cloud provider would guarantee you an exclusive core, or CPU? Some providers let you rent a server (hardware).

JonKnowsNothing May 6, 2021 12:44 PM

@Winter, @Clive @All

re: What you need is properly designed systems for security. That is ones that cover many “known classes” and also “unknown classes”

Early in database development, when storage was a big cost, programmers used shortcuts in the database to crush data into small spots. One by-product was the Y2K problem that reoccurs regularly.

Often times off-the-shelf software had fields repurposed with all those fun codes people made up that “meant something” to a person but not to the system as purchased. eg: field size 1 / A = No ReOrder B = ReOrder C = Immediate Reorder…

And then there was the next step in understanding how things got bollixed up: Field size 1 / Y = Yes / N = No / empty = undefined.

Lots of blanks spread out through the database. Were they errors or omissions? There were lots of discussions about empty fields and whether programs should fill them with a default indicator or leave them “undefined”.

I don’t think many databases leave undefined field values about anymore.

The biggest problem with the code was the nested IF THEN ELSE spaghetti tangle. Not many liked CASE statements, even if they had a tidier appearance.

It’s much harder to spot the “undefined cases” now because so few see enough of the code set to spot them. It’s all run through AI scripts that are limited in what they look for. Every company has to roll their own checkers and for each company their checkers are going to look at stuff important to that company, they are not going to look for stuff just on Altruistic Principles.

Undefined is like a Buffer Overflow.

SpaceLifeForm May 6, 2021 4:20 PM

The comms must be separate from the crypto. The crypto keys must not leak.

As I mentioned previously, are you sure that your cell phone radio is really off when you are in Airplane mode? Even with no SIM? Are you really sure?

Consider the attack angle combining these two features^Wbugs.

The Intercept report outlines how MSAB’s “vehicle forensics kits” make data extraction and breaches of privacy so much easier for the CBP, effectively providing a shortcut to your sensitive information through your car, which lacks safeguards against data extraction.

Around a third of all smartphones in the world are believed to be affected by a new vulnerability in a Qualcomm modem component that can grant attackers access to the device’s call and SMS history and even audio conversations.

Winter May 7, 2021 3:09 AM

“In the cloud, every cpu can have an Evil Maid.”

When half your employees are working from home, how many Evil Maids will they employ themselves?

And if your employees cannot work from home, how much work is still possible?

Security always is a trade-off.

Clive Robinson May 7, 2021 6:48 AM

@ Winter, SpaceLifeForm, ALL,

When half your employees are working from home, how many Evil Maids will they employ themselves?

Do you mean the employees or the employer?

I think from the “Nasty Barclay Brothers” putting “crotch detectors” under “hot desk units” at their newspaper, through Amazon reportedly putting sensors in employee toilets to ensure they are actually bodily evacuating, to a well known “gig economy” software development outsourcer putting sound, video, keyboard and other sensors that carry on spying 25×7 on the computers of people that work for them, I would assume it’s the employer wanting to “spy” on employees as surreptitiously as possible, just to avoid “bad publicity” (see Amazon and their 18-month “non-compete” clause that unfairly stops people working, that even the USG thinks should be stopped).

Winter May 7, 2021 7:11 AM

“Do you mean the employees or the employer?”

I was referring to actual cleaning ladies (M/F) that are hired by the employees to clean their houses+home office. Although, the employers will hire cleaning staff for the offices too, which is indeed another avenue for the Evil Maid (M/F).

Employers and Employees themselves are insider threats.

Anders May 7, 2021 5:38 PM

Why don’t people understand yet: when you connect your systems to the internet or outsource them to the cloud, it’s no longer your system or your data, regardless of whether there is some CPU bug or not.

The question here is not some CPU bug, the question here is the way of thinking. CPUs in the past have had numerous bugs and vulnerabilities; actually I don’t know of a single CPU that is bug free. Some of them manifest themselves only under very rare, obscure conditions.

Just one example:


Bottom line: if you upload your precious data to the cloud, where the same CPU handles numerous clients, then the last thing you should be worried about is that some other client can access your data through some CPU bug manipulation. Your data is already public domain in the cloud.

Unfortunately money and greed rule this world. We once had superior solutions. Again, just one example:


But if we sidestep the bugs, could you actually understand what a piece of art a CPU and properly written code actually is? Not a single lockup, not a single trap in 16 years! Could anyone care to calculate how many instructions the CPU executed during 16 years? Sorry, but I see this as a masterpiece of human creation.

SpaceLifeForm May 7, 2021 6:40 PM

@ metaschima, Dave, wumpus, anders, Clive, Winter, ALL

The Evil Maid is alive and well in the CPU core next to your server process.

Let’s suppose you are running a server in the cloud.

You have no way of knowing if there is a malicious process running in the core next to you in the same cpu.

What if there is a malicious process running in every core in the cloud?

Are you sure that you can defend?


No cloud. Run your own servers.

Clive Robinson May 8, 2021 3:05 AM

@ SpaceLifeForm, ALL,

No cloud. Run your own servers.

It’s what I’ve been saying for years one way or another for even more reasons all of which get to come true fairly quickly…

The cloud is an attempt to move people from the “ownership model” to the “rental model”, whereby what initially looks like a good “accounting” decision very quickly becomes “rental hell”.

The people pushing this model know that in practice most computer systems are basically idling for the majority of the time. Thus they can supply computing power to a large averaged peak load, whereas individuals have to have computing power for their individual peak load. Thus the cloud providers have up to a hundred to one advantage. Then unlike the individual they have bulk buying leverage with hardware suppliers. Thus it’s easy to see how they can get a five hundred to one or better advantage. Yet they only offer maybe a 20-30% saving to the end user over maybe a year… Then it starts swinging their way and that advantage goes away, so after about 18 months the cost to the end user will not only be the same, but will rise against them for each month they rent thereafter…

The downside gets worse: the cost of individual computers is based on volume production where development costs get spread across the entire volume. If the volume drops then the slice of those costs per machine goes up slowly at first but then quite dramatically.

So switching to cloud service provider provision is walking into a trap, which only works because people are way too short-sighted to realise that they are being cheated into not just a rental model, but one that also steals the very value that needs to be protected the most.

Hence we’ve kind of seen the dangers of “outsourcing” with China and India rather dramatically with COVID. The cloud is actually a rather more dangerous form of outsourcing, you are effectively selling yourself into worse than slavery, but will people stop doing it?

I very much doubt it.
