Are “Meltdown” and “Spectre” Something to Worry About?

Intel processors are having a Meltdown while AMD and ARM are being attacked by a Spectre.

Is a James Bond villain making our computers freak out?

No, it’s a new vulnerability found within these processors that affects Windows PCs, Linux, Mac, and even Android phones.

A fix has been identified, named KAISER, and all the major companies like Microsoft and Google are working on patches, or have already sent them out.

The good news is that these bugs are theoretical at this point. No evidence has been found that a hacker has actually used them to steal data. They can also affect Amazon Web Services and Google Cloud, both of which have already patched their servers and secured the problem.

Meltdown allows malicious programs to gain access to higher-privileged parts of a computer’s memory, while Spectre steals data from the memory of other applications running on a machine. Meltdown is said to be limited to Intel processors, but Spectre has been exploited on ARM as well as AMD processors.

Your private and important data is stored in the kernel, a highly protected part of the processor. What Meltdown and Spectre potentially do is allow data to be pulled from the kernel into a safer zone, like an application, and pull it out.

When modern Intel processors execute code and arrive at the point in an algorithm where instructions branch out into two different directions, they save time by “speculatively” venturing down these forks. So, in other words, they take a guess and execute instructions in order to get a head start. If the processor learns that it went down the wrong path, it jumps back to the fork in the road and throws out the speculative work.

A hacker could trick a processor into letting the unprivileged code sneak into the kernel’s memory by using speculative execution. Retrieving this data isn’t easy since the processor throws out the temporary data when it jumps back to the fork. It does, however, temporarily store this information in the computer’s cache. With some clever coding and patience, a hacker could easily find and steal the data in the cache, giving him access to personal information, passwords, and more.

In order for a hacker to gain access to these kernels and steal your sensitive information, he has to first get into your system. Once inside, he can then install the malicious software needed to take advantage of the vulnerability.

Intel, AMD, and ARM have all been hard at work coming up with a fix for this serious vulnerability. But it’s not just PC’s or Mac’s that are being affected. Amazon and Google servers also use these chips, which could not only allow hackers to see the data on your server but potentially jump servers to see other people’s data as well.

Microsoft, Linux, and Apple are also getting involved to repair the issue. One potential downside to fixing this problem is a possible slowdown of your CPU or phone. Isolating the kernel memory from unprivileged memory could cause a significant slowdown in some processes.

While it’s still too early to know exactly how significant the slowdown will be, some researchers are saying that it could be as high as 30%. Once the patches to fix the issue are rolled out everywhere, we should get a better picture of how this will affect performance. But still, it’s better to have some slowdown than to have a hacker taking information from your PC.

To prevent hackers from taking advantage of your system with Meltdown or Spectre, make sure to keep all the software on your computer updated, including web browsers. Keep Flash updated as well.  Then run security software to be sure you don’t have any unwanted or malicious software on your system. Finally, be on the lookout for phishing emails. A hacker could use this to trick you into letting their malicious code onto your system.

Author: Joe Martin, Date: 2018-01-05