After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there.
These are side-channel attacks that exploit speculative execution: Meltdown lets an unprivileged process read kernel memory, and Spectre lets one process (or a script running inside a sandbox) read memory that belongs to another. They affect computers where an untrusted browser window can execute code, phones that have multiple apps running at the same time, and cloud computing networks that run lots of different processes on shared hardware. Fixing them either requires a patch that comes with a major performance hit (Meltdown), or is not fully possible in software and requires a re-architecture of speculative execution in future CPU chips (Spectre).
I’ll be writing something for publication over the next few days. This post is basically just a link repository.
EDITED TO ADD: Good technical explanation. And a Slashdot thread.
EDITED TO ADD (1/5): Another good technical description. And how the exploits work through browsers. A rundown of what vendors are doing. Nicholas Weaver on its effects on individual computers.
EDITED TO ADD (1/7): xkcd.
EDITED TO ADD (1/10): Another good technical description.
Posted on January 4, 2018 at 6:28 AM
Researchers have demonstrated that Intel’s Software Guard Extensions can be turned around to hide malware: a malicious enclave runs a cache side-channel attack against a co-located enclave and extracts its RSA private key, while SGX’s own protections keep the attacker’s code out of reach of the operating system and any anti-malware software:
Malware Guard Extension: Using SGX to Conceal Cache Attacks
Abstract: In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial that the hypervisor isolates tenants from other tenants that are co-located on the same physical machine. However, the hypervisor does not protect tenants against the cloud provider and thus the supplied operating system and hardware. Intel SGX provides a mechanism that addresses this scenario. It aims at protecting user-level software from attacks from other processes, the operating system, and even physical attackers.
In this paper, we demonstrate fine-grained software-based side-channel attacks from a malicious SGX enclave targeting co-located enclaves. Our attack is the first malware running on real SGX hardware, abusing SGX protection features to conceal itself. Furthermore, we demonstrate our attack both in a native environment and across multiple Docker containers. We perform a Prime+Probe cache side-channel attack on a co-located SGX enclave running an up-to-date RSA implementation that uses a constant-time multiplication primitive. The attack works although in SGX enclaves there are no timers, no large pages, no physical addresses, and no shared memory. In a semi-synchronous attack, we extract 96% of an RSA private key from a single trace. We extract the full RSA private key in an automated attack from 11 traces within 5 minutes.
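As an added illustration of the Prime+Probe technique the abstract describes (example code written for this page, not the paper’s attack code), the following simulates a small set-associative cache and a square-and-multiply victim whose multiplication step touches one cache set only when the current exponent bit is 1. The attacker fills that set with its own lines (prime), lets the victim run one iteration, then touches its lines again (probe): any miss means the victim evicted something, which reveals the bit. The cache geometry, the line numbers SQ_LINE and MUL_LINE, and the LRU policy are assumptions; a real attack must build eviction sets from physical addresses and measure access latency, which SGX makes harder (no timers, no physical addresses), and the paper’s victim is a constant-time multiplication whose data-dependent cache footprint is what leaks. This model replaces timing with explicit hit/miss bookkeeping.

```python
# Added example (not from the paper or the blog post): Prime+Probe against
# square-and-multiply, simulated on a toy LRU cache. All geometry and line
# numbers below are assumptions chosen for illustration.

N_SETS = 64   # assumed number of cache sets
WAYS = 4      # assumed associativity


class Cache:
    """Set-associative cache with LRU replacement; tracks line numbers only."""

    def __init__(self):
        self.sets = [[] for _ in range(N_SETS)]

    def access(self, line):
        """Touch `line`; return True on hit, False on miss. MRU is at the end."""
        s = self.sets[line % N_SETS]
        if line in s:
            s.remove(line)
            s.append(line)
            return True
        if len(s) == WAYS:
            s.pop(0)          # evict the least recently used line
        s.append(line)
        return False


# Assumed victim locations: squaring touches SQ_LINE, multiplication MUL_LINE.
SQ_LINE = 5
MUL_LINE = 17


def victim_step(cache, bit):
    """One iteration of left-to-right square-and-multiply: square always,
    multiply only when the exponent bit is 1 (the leaky pattern)."""
    cache.access(SQ_LINE)
    if bit:
        cache.access(MUL_LINE)


def victim_step_constant(cache, bit):
    """Hardened variant: the multiply is always performed and its result
    discarded when bit is 0, so the cache footprint no longer depends on bit."""
    cache.access(SQ_LINE)
    cache.access(MUL_LINE)


def eviction_set(line):
    """WAYS attacker-owned lines that map to the same set as `line`
    but are distinct from it (line + k*N_SETS for k = 1..WAYS)."""
    return [line + (k + 1) * N_SETS for k in range(WAYS)]


def prime(cache, lines):
    """Fill the target set with attacker lines, evicting whatever was there."""
    for ln in lines:
        cache.access(ln)


def probe(cache, lines):
    """Re-touch the attacker lines; return the miss count. Any miss means the
    victim touched this set between prime and probe (with LRU, one victim
    access cascades into misses on every attacker line)."""
    return sum(0 if cache.access(ln) else 1 for ln in lines)


def recover_exponent(exp_bits, step=victim_step):
    """Attack loop: prime, let the victim run one bit, probe, decide the bit."""
    cache = Cache()
    ev = eviction_set(MUL_LINE)
    recovered = []
    for bit in exp_bits:
        prime(cache, ev)
        step(cache, bit)
        recovered.append(1 if probe(cache, ev) > 0 else 0)
    return recovered


def bits(n):
    """Big-endian bit list of n, most significant bit first."""
    return [int(b) for b in bin(n)[2:]]


if __name__ == "__main__":
    d = 0b1011001101                     # constructed toy exponent
    print("true exponent bits:   ", bits(d))
    print("recovered (leaky):    ", recover_exponent(bits(d)))
    print("recovered (constant): ", recover_exponent(bits(d), victim_step_constant))
```

Running the block prints the true exponent, the bits recovered through the cache, and an all-ones result against the constant-access variant: the leak comes from the secret-dependent difference in which sets the victim touches, not from the arithmetic itself, which is why the paper targets the cache footprint of an otherwise constant-time multiplication.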
Posted on March 16, 2017 at 5:54 AM
Researchers discover a clever attack that bypasses address space layout randomization (ASLR) on Intel CPUs.
Here’s the paper. It discusses several possible mitigation techniques.
Posted on October 19, 2016 at 2:19 PM
This is really interesting research: “Stealthy Dopant-Level Hardware Trojans.” Basically, you can tamper with a logic gate to be either stuck-on or stuck-off by changing the doping of one transistor. This sort of sabotage is undetectable by functional testing or optical inspection. And it can be done at mask generation — very late in the design process — since it does not require adding circuits, changing the circuit layout, or anything else. All this makes it really hard to detect.
The paper talks about several uses for this type of sabotage, but the most interesting — and devastating — is to modify a chip’s random number generator. This technique could, for example, reduce the amount of entropy in Intel’s hardware random number generator from 128 bits to 32 bits. This could be done without triggering any of the built-in self-tests, without disabling any of the built-in self-tests, and without failing any randomness tests.
I have no idea if the NSA convinced Intel to do this with the hardware random number generator it embedded into its CPU chips, but I do know that it could. And I was always leery of Intel strongly pushing for applications to use the output of its hardware RNG directly and not putting it through some strong software PRNG like Fortuna. And now Theodore Ts’o writes this about Linux: “I am so glad I resisted pressure from Intel engineers to let /dev/random rely only on the RDRAND instruction.”
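To make the entropy-reduction scenario concrete (an added example, not code from the paper, from Intel, or from the Linux kernel): a toy model of a hardware RNG whose output is a keyed PRF of a counter, where the trojan pins all but a few bits of the key to a constant the saboteur knows. SHA-256 stands in for the AES-based conditioner/DRBG, the constant TROJAN_CONST is assumed, and the unknown bits are scaled from the paper’s 32 down to 16 so the brute force finishes in seconds. A naive byte-entropy check on the stream sees nothing wrong, yet a single output block is enough to recover the key and predict everything that follows; the last function shows the mixing discipline Ts’o refers to, where the hardware block is only one input to a hash over other pool entropy, so predicting it alone predicts nothing.

```python
# Added example (not from the paper or the blog post): a sabotaged hardware RNG
# whose 128-bit key has only UNKNOWN_BITS of real entropy, and what that buys
# an attacker who knows the pinned constant. SHA-256 is a stand-in for the
# AES-based conditioner/DRBG; TROJAN_CONST and the key layout are assumptions.
import hashlib
from collections import Counter
from math import log2

KEY_LEN = 16                       # 128-bit key
UNKNOWN_BITS = 16                  # scaled down from the paper's 32 bits
TROJAN_CONST = bytes(range(16))    # assumed constant known to the saboteur


def prf(key, counter):
    """Keyed PRF of a block counter (stand-in for AES-CTR output)."""
    return hashlib.sha256(key + counter.to_bytes(16, "big")).digest()


def rng_output(key, n_blocks):
    """Raw hardware RNG stream: PRF(key, 0) || PRF(key, 1) || ..."""
    return b"".join(prf(key, i) for i in range(n_blocks))


def sabotaged_key(secret):
    """Key whose high bytes are pinned to TROJAN_CONST; only the low
    UNKNOWN_BITS/8 bytes carry real entropy."""
    n = UNKNOWN_BITS // 8
    return TROJAN_CONST[:KEY_LEN - n] + secret.to_bytes(n, "big")


def bits_per_byte(data):
    """Naive Shannon estimate over byte frequencies. Comes out near 8.0 for
    the sabotaged stream: a simple statistical test cannot tell the difference."""
    counts = Counter(data)
    total = len(data)
    return -sum((c / total) * log2(c / total) for c in counts.values())


def recover_key(first_block):
    """Saboteur's attack: brute-force the unknown bits from one 32-byte output
    block. 2**16 trials here; the paper's 2**32 is still trivial offline."""
    for s in range(1 << UNKNOWN_BITS):
        k = sabotaged_key(s)
        if prf(k, 0) == first_block:
            return k
    return None


def mixed_output(hw_block, pool):
    """Fortuna/Linux-style use of the hardware RNG: its block is hashed
    together with other pool entropy, so knowing hw_block alone does not
    determine the result."""
    return hashlib.sha256(b"mix|" + hw_block + pool).digest()


if __name__ == "__main__":
    import os
    secret = int.from_bytes(os.urandom(UNKNOWN_BITS // 8), "big")
    key = sabotaged_key(secret)
    stream = rng_output(key, 256)                 # 8 KiB of "random" output
    print(f"bits/byte estimate: {bits_per_byte(stream):.3f}")
    found = recover_key(stream[:32])
    print("key recovered:        ", found == key)
    print("next block predicted: ", prf(found, 1) == stream[32:64])
```

The brute force takes a fraction of a second at 16 unknown bits; at the paper’s 32 bits it is a few minutes of CPU, which is the point: a stream that passes randomness tests is still worthless if its keyspace is that small, and the only defence on the consumer side is to treat the hardware output as one contribution to a pool rather than as the key material itself.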
Yes, this is a conspiracy theory. But I’m not willing to discount such things anymore. That’s the worst thing about the NSA’s actions. We have no idea whom we can trust.
Posted on September 16, 2013 at 1:25 PM
This list is from Malcolm Harkins, Intel’s chief information security officer, and it’s a good one (from a talk at Forrester’s Security Forum):
- Users want to click on things.
- Code wants to be wrong.
- Services want to be on.
- Security features can be used to harm.
His dig at open source software is just plain dumb, though:
Harkins cited mobile apps: “What kind of security do we think is in something that sells for 99 cents? Not much.”
Posted on September 20, 2010 at 6:20 AM
Intel buys McAfee.
It’s another example of a large non-security company buying a security company. I’ve been talking about this sort of thing for two and a half years:
It’s not consolidation as we’re used to. In the security industry, there are waves of consolidation, you know, big companies scoop up little companies and then there’s lots of consolidation. You’ve got Symantec and Network Associates that way. And then you have “best of breed” where a lot of little companies spring up doing one thing well and then you cobble together a suite yourself. What we’re going to see is consolidation of non-security companies buying security companies. So, remember, if security is going to no longer be an end-user component, companies that do things that are actually useful are going to need to provide security. So, we’re seeing Microsoft buying security companies, we’re seeing IBM Global Services buy security companies, my company was purchased by BT, another massive global outsourcer. So, that sort of consolidation we are seeing, it’s not consolidation of security; it’s really the absorption of security into more general IT products and services.
EDITED TO ADD (8/19): Here’s something else I wrote about the general trend, from 2007.
Posted on August 19, 2010 at 10:44 AM
…directed by Christopher Guest: hardware vs software security.
I don’t know what to say. I can’t believe the actors kept a straight face.
Posted on July 26, 2007 at 11:18 AM
Two years ago I (and others) wrote about the security dangers of Microsoft’s monopoly. In the paper, we wrote:
Security has become a strategic concern at Microsoft but security must not be permitted to become a tool of further monopolization.
A year before that, I wrote about Microsoft’s trusted computer system (called Palladium — Pd for short — at the time):
Pay attention to the antitrust angle. I guarantee you that Microsoft believes Pd is a way to extend its market share, not to increase competition.
Intel and Microsoft are using DRM technology to cut Linux out of the content market.
This whole East Fork scheme is a failure from the start. It brings nothing positive to the table, costs you money, and rights. If you want to use Linux to view your legitimately purchased media, you will be a criminal. In fact, if you want to take your legitimately bought media with you on a road trip and don’t feel the need to pay again for it — fair use, remember — you are also a criminal. Wonderful.
Intel has handed the keys to the digital media kingdom to several convicted monopolists who have no care at all for their customers. The excuse Intel gives you if you ask is that they are producing tools, and only tools, their use is not up to Intel. The problem here is that Intel has given the said tools to some of the most rapacious people on earth. If you give the record companies a DRM scheme that goes from 1 (open) to 10 (unusably locked down), they will start at 14 and lobby Congress to mandate that it can be turned up higher by default.
Posted on July 28, 2005 at 7:25 AM
The new Pentium D will contain technology that can be used to support DRM.
Intel is denying it, but it sounds like they’re weaseling:
According to Intel VP Donald Whiteside, it is “an incorrect assertion that Intel has designed-in embedded DRM technologies into the Pentium D processor and the Intel 945 Express Chipset family.” Whiteside insists they are simply working with vendors who use DRM to “design their products to be compatible with the Intel platforms.”
Posted on June 11, 2005 at 7:51 AM