search
Only on Eduzaurus

Intel Corporation: Spectre and Meltdown Attacks and Intel's Response

Download essay Need help with essay?
Need help with writing assignment?
72
writers online
to help you with essay
Download PDF

Intel Corporation is an American multinational corporation and technology company founded by Robert Noyce and Gordon Moore on July 18,1968. It is the world’s second largest and second highest valued semiconductor chip manufacturer. Intel invented the x86 series of microprocessors, the processors found in most personal computers even today.

Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactures motherboard chipsets, network interface controllers and integrated circuits, flash memory, graphics chips, embedded processors and many other devices related to communications and computing.

Essay due? We'll write it for you!

Any subject

Min. 3-hour delivery

Pay if satisfied

Get your price

Intel ranked No. 46 in the 2018 Fortune 500 list of the largest United States corporations by total revenue. Intel is incorporated in Delaware.

Intel in 2018

In January of 2018, the world saw to two huge CPU vulnerabilities. The vulnerabilities are named as spectre and meltdown. They are predominantly caused due to the chips manufactured by intel. They adversely affected the customers’ privacy. These can allow an attacker to read sensitive information from a computer’s memory including stuff like passwords, photos, messages, among others. It had an impact on every organization and individual purchasing a computer in 2018

A series of events that happened during 2018 regarding the issue:

On January 1, Tech blog Python Sweetness, found an ’embargoed security bug’ in intel processors. According to him, Microsoft, Amazon, and Google and other Tech giants could be affected by the cybersecurity risk.

On January 3, A website was launched by researchers from Google and academic institutions to look into vulnerabilities caused by processors: Meltdown, related to Intel processors, and Spectre, related to Intel and competitors. Intel admitted that there are security flaws.

On January 3, three class-action lawsuits were filed against Intel for ‘deceptive practices, breach of implied warranty, negligence”. Intel said it will have 90% of affected chips fixed by next week. But, failed to do that.

On January 5, Intel’s stock was down by more than 5% according to CNBC and Quartz.

On February 16, Intel faced 32 lawsuits from shareholders and customers for security risks in its chips.

On February 22, Intel did not inform U.S. cybersecurity officials about Meltdown and Spectre until they were leaked to the public. Media outlets described the effort as Intel ‘intentionally hiding’ the flaws, or keeping security agencies in the dark.

All of the variants of vulnerability involved a malicious program getting access to data that it shouldn’t have the right to see, and do so by exploiting two important techniques used for boosting the speed of computer chips, called speculative execution and caching.

Speculative Execution

Speculative execution involves a chip trying to predict the future in order to work faster. If the chip knows that a program involves many logical branches, it will start working for all of those branches before the program even decides between them

Caching

Caching is a technique used to increase the speed of memory access. It takes a long time for the CPU to get data from RAM, which is on a separate chip, so there’s a special small amount of memory storage called CPU cache on the CPU chip itself.

Protected Memory

It is the foundational concept underlying computer security. No processor on a computer should be able to access data unless it has permission to do so. This allows the program to keep its data private from some of its users, and allows the operating system to stop one program from seeing data belonging to another. In order to access data, a process needs to undergo a privilege check, which determines whether or not it’s allowed to see that data.

But a privilege check can take a long time. This is the key to the vulnerability — while the CPU is waiting to find out if the process is allowed to access that data, due to speculative execution, it starts working with that data even before it receives permission for doing so.

Meltdown

Meltdown cracks the fundamental separation between user applications and the operating system. This attack allows a program to access the memory, and also the secrets, of other programs and even the operating system. The security vulnerability was called Meltdown because the vulnerability basically melts security boundaries which are normally incorporated by the hardware.

Meltdown misuses a condition inherent in the design of many modern CPUs. This occurs between memory access and privilege checking when CPU processes the instruction that we provide. This vulnerability allows a process to get past the normal checks that prevents the process from accessing data belonging to the operating system and other running processes. The vulnerability allows an unauthorized process to read data from any address that is in the current process’s memory space.

Meltdown effectively makes it possible for a process to read any physical, or other processes’ mapped memory irrespective of whether it should be able to do so. Meltdown doesn’t require too much knowledge of how the program works, but it only works with specific kinds of Intel chips. This is a pretty severe problem

The vulnerability is possible on any operating system in which data is mapped into virtual memory for processes which includes many present-day operating systems. Meltdown could possibly impact a wider range of computers than presently identified, as there is little to no variation in the microprocessor families used by these computers. A Meltdown attack cannot be detected when it is carried out.

How Meltdown Attacks Work

Meltdown attacks, according to the original authors of the Meltdown paper, are conducted in three steps:

  1. The content of an attacker-chosen memory location, which is not accessible to the attacker, is loaded into a register.
  2. An instruction accesses a cache line based on the secret content of the register.
  3. The attacker uses Flush and Reload mechanism to find the accessed cache line and hence the secret stored at the chosen memory location

Spectre

Spectre cracks the separation between different applications. It allows an attacker to make error-free programs reveal their secrets that would not be leaked otherwise. The safety checks in this case dur to spectre actually increase the attack surface and may make applications more susceptible to Spectre. This vulnerability generally affects modern microprocessors that indulge in branch prediction. Branch prediction is a digital circuit that tries to guess which way a branch will go before it is known for sure. On most processors, the speculative execution resulting from a branch misprediction may have side effects that will leak private data to attackers.

Spectre is specifically dangerous because of is its ability to cause physical damage to the computer. For this reason, Spectre causes a core problem much more problematic than an average virus or malware. Spectre is an attack method which allows a hacker to “read over the shoulder” of a program it does not have access to. Using code, the hacker gets to know the encryption key allowing full access to the program. An encryption key safeguards information and makes sure that only authorized individuals have access. But, spectre cracks it.

Doing so allows Spectre to read the program entirely and gain access to the kernel, the most protected part of a computer’s operating system. Once the attacker gets to know the encryption key for kernel, the attacker can access any data ranging from browsing history to personal conversations.

However, there are limited uses for this attack. Generally, individual personal computers don’t get affected by this attack. Spectre primarily attacks multi-tenant systems, also known as cloud systems. This means vendors like Google, Amazon Web Services and Microsoft physically vulnerable.

How Spectre Attacks Work

Spectre attacks are conducted in three steps:

  1. The setup phase, in which the processor is mis trained to make an erroneous speculative prediction.
  2. The processor speculatively performs instructions from the attacker into a microarchitectural covert channel in the computer.
  3. The sensitive data is recovered. This is possible with timing access to memory addresses in the CPU cache.

Intel’s Response to Spectre and Meltdown

Intel’s initial responses to spectre and meltdown were not satisfying and the customers were not really happy with it. However, Intel later issued am official statement online properly addressing the issue.

Intel’s first response to the initial Meltdown and Spectre was a blog post that said performance impacts caused by the vulnerabilities are are workload-dependent and that they should not be significant to the average computer user instead of talking about possible server problems that may be caused due to the vulnerability.

A day later, Intel issued a second response. The company admitted that performance impact caused by the vulnerabilities may initially be higher on some workloads. Intel assured updates for 90 percent of processor products to deal with the security problems. These updates are BIOS firmware updates, which were not sold by Intel and required personal computer makers like dell to properly manage and inform customers that they exist. The problem was not solved yet.

Intel CEO Brian Krzanich in a few daysaddressed the issue by repeating Intel’s promise of security updates and admitted that some workloads may experience a larger impact than others due to the vulnerabilities.

Intel issued its third statement later making it clear that performance impacts shouldn’t be much for average computer users.

Intel kept repeating that the average computer users should not worry about it instead of actually giving a legitimate solution for the problem faced by millions of its customers.

Intel’s last statement included benchmarks to support its findings, but they’re limited to the latest eighth-generation Intel processors. Intel did not mention the impact to older devices, but the company finally acknowledged that there are cases where the impact may be significant which itself is a huge step on the intel’s side.

Intel’s Official Statement in Response to Meltdown and Spectre

Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed. Intel believes these exploits do not have the potential to corrupt, modify or delete data.

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits. Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

Intel is committed to the industry best practice of responsible disclosure of potential security issues, which is why Intel and other vendors had planned to disclose this issue next week when more software and firmware updates will be available. However, Intel is making this statement today because of the current inaccurate media reports.

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available. Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied.

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

How Intel Combatted the Issue

Establishing the Intel Product Assurance and Security (IPAS) Group

Intel Product assurance and Security Group was formed as a result of public disclosure of Spectre and Meltdown. However, Intel Product assurance and Security Group scope is much broader in order to prevent further customer security issues. It is designed to act as Intel’s security “mission control”. Intel Product assurance and Security Group is a product assurance and security effort that spans all of Intel developing policy and best practices, and driving critical decision control.

Completing the Microcode Updates

The security vulnerabilities Spectre and Meltdown presented a challenge for intel. When vulnerabilities require updates to microcode, the code that controls transistors on the chip, Intel issued a microcode update (MCU). The microcode update was extremely helpful and many customers were able to actively deal with spectre and meltdown because of it.

Engineering New Protection into Hardware

Intel in order to advance security at the silicon level to help customers protect against side channel exploits introduced new protection mechanism. Intel started introducing this with 8th Generation Intel® Core™ U-series processor (Whiskey Lake) in August, followed by 9th Gen Intel Core desktop processor (Coffee Lake) in October. And, next-generation Intel® Xeon® Scalable processor (Cascade Lake) is the first x86 processor released to market that has hardware-based protections for Spectre V2.

Automating the Microcode Update Process

Intel believed that a better consolidated update process for security as well as functional issues would be helpful. So, it transitioned to a quarterly release model aligned with others in the ecosystem wherever possible. One major issue faced by Intel was the microcode update distribution process. The first important initiative of IPAS was to improve the delivery of Microcode updates so as to make it easy for customers. In June 2018, Intel made its MCUs OS-loadable, making the update for Spectre V2 possible via Windows Update. Intel is working on enabling delivery of MCUs through this automated process.

Increasing Research Internally and Externally

Intel actively increased its red team exercises – connecting deep offensive security research with deep product knowledge to find and deal with possible vulnerabilities before products ship. Its security researchers and engineers share their insights with the broader community by publicly releasing its findings and presenting to peers at industry events. In return, it is learning from the broader community from its bug bounty program and engaging academia through sponsored research and its “researcher in residence” program.

Disclaimer

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers. You can order our professional work here.

We use cookies to offer you the best experience. By continuing to use this website, you consent to our Cookies policy.

background

Want to get a custom essay from scratch?

Do not miss your deadline waiting for inspiration!

Our writers will handle essay of any difficulty in no time.