What you need to know
- Three years ago, Spectre attacks sent companies such as Microsoft, AMD, and Intel into patching frenzies.
- A new research paper posits that Spectre isn't done endangering computers yet.
- The paper cites that Spectre counters will come at the cost of CPU performance.
Update May 4, 2021 at 9:15 a.m. ET: Ashish Venkat, a computer scientist from UVA with a credit on the research paper, has provided a statement in response to Intel's response to the original story.
"We're aware of these guidelines from Intel suggesting software developers to write code in a way that is not vulnerable to side-channel attacks. Here's an excerpt from the Intel article -- 'Developers who wish to protect secret data against timing side channel methods should ensure that their code runtime, data access patterns, and code access patterns are identical independent of secret values.'
Certainly, we agree that software needs to be more secure, and we agree as a community that constant-time programming is an effective means to writing code that is invulnerable to side-channel attacks. However, the vulnerability we uncover is in hardware, and it is important to also design processors that are secure and resilient against these attacks.
In addition, constant-time programming is not only hard in terms of the actual programmer effort, but also entails high performance overhead and significant deployment challenges related to patching all sensitive software. The percentage of code that is written using Constant Time principles is in fact quite small. Relying on this would be dangerous. That is why we still need to secure the hardware."
Intel's initial response statement and the original article follow below:
Update May 3, 2021 at 4:05 p.m. ET: Intel has provided the following statement.
"Intel reviewed the report and informed researchers that existing mitigations were not being bypassed and that this scenario is addressed in our secure coding guidance. Software following our guidance already have protections against incidental channels including the uop cache incidental channel. No new mitigations or guidance are needed."
The original story can be found below:
Researchers from the University of Virginia and the University of California, San Diego, have published a paper entitled "I See Dead µops: Leaking Secrets via Intel/AMD Micro-Op Caches," which explores the latest Spectre attacks and how the threat they pose is distinctly different than the ones from three years ago (via PC Gamer).
Spectre takes advantage of and exploits modern CPU prediction techniques that are designed for optimization but give hackers a way to read key data if the processor makes an incorrect prediction. The researchers who've published the aforementioned research paper cite three main attacks as part of the current wave of Spectre threats.
The issue with combating these attacks is that the major counters involve disabling the source of the readable data or limiting the aforementioned predictive techniques such as speculative execution. All of these solutions would drastically slow performance since they'd be actively undoing key elements of existing processors' optimization efforts.
The full paper is a highly technical read and hard to parse if you're not up to speed on computer security technical terminology, but the long and short of it is that the Spectre threats listed require quite a bit of effort and dedication on the hacker's part, so the average PC user likely won't have to worry too much — for now. Hopefully there isn't another Spectre-fueled scramble to protect PCs on the horizon.
