In early January 2018, a new security vulnerability was discovered. This vulnerability has existed for the past 20 years, but no one has come forward with the discovery until now (the vulnerability may have been discovered and used before, just not shared). To sum it up, Spectre and Meltdown are the names used to describe three variations of a vulnerability that affects almost all computer chips manufactured in the last 20 years. That means everything from your HP laptop to your iPhone is affected by this vulnerability.
The Security Stronghold does a great job of explaining this vulnerability in a way that is easy to understand. Here is how it works:
What Is The Vulnerability?
By using this vulnerability, a malicious program can gain access to and spy on data that it should not be allowed to see. The attack exploits two features in computer chips used to increase speed, one called speculative execution, and the other, caching. Don’t worry about those words, we will explain.
What is Speculative Execution?
Speculative execution is a fancy term for when a computer chip works ahead to improve speed. The chip will find the solutions to both outcomes of the current choice before the choice is made.
What is Caching?
Caching is used to speed up memory access. It takes a long time for the CPU to get data from RAM (random access memory) because RAM is on a separate chip. To get around this, there is a small amount of memory on the CPU chip. This allows fast retrieval of data that the chip will soon need. Often the output of speculative execution is stored in the CPU cache.
Now it gets messy. Speculative execution and caching are part of protected memory, which has the vulnerability that Spectre and Meltdown attacks take advantage of.
What is Protected Memory?
Protected memory is fundamental to computer security. Without protected memory, any process would be able to access any data, whether it should be able to or not. With protected memory, programs are able to keep their data private from users and other programs.
If a process wants to access data, it must undergo a privilege check. Here lies the key to understanding the vulnerability. A privilege check can take a long time, and the CPU, while it is waiting, starts working with the data because of speculative execution, even though the CPU has not received permission yet. Now you might be thinking “What’s the big deal?”, because the speculative execution results are still protected at the hardware level (privilege check). However, because the data is stored in the CPU cache before privilege is granted, and because the CPU cache can be accessed quickly, a process can try to access a certain memory location in an attempt to see if that data has been cached. Even though the process cannot read the memory because it does not have the privilege to do so, it can figure out what that data might be by identifying that memory location; the process will be rejected more quickly if the data has been cached. This is also known as a side channel attack.
Don’t worry if that didn’t make sense. What you really need to know is what can happen, and how to prevent it.
WHAT THIS MEANS
At this point you might be wondering what this means. Do hackers know my passwords? Are my credit cards compromised if I have shopped online? Is the world going to end? Not quite, but there are still some things you should be concerned about.
Spectre and Meltdown open the door for many dangerous attacks. Malicious code on a website could trick your browser into divulging user and password data. The attack could also cause information of other users to be leaked. This is especially concerning for cloud computing and any online services that you use.
The worst part: this discovery means that all secure code – code that was written to be secure with the assumption that the underlying hardware was secure – is no longer secure. Spectre and Meltdown could cause big problems but you can still stay secure.
In order to best combat Spectre and Meltdown, we suggest you take a few actions:
- If you use shared-hosting (i.e. cloud) services, you should check with your service provider to confirm they’ve applied security updates to address these vulnerabilities.
- You should deploy security updates to all systems and devices as soon as they become available.
- If you are truly concerned, consider discontinuing the use of systems that cannot be updated.
- Use an anti-malware solution to protect yourself against attacks that might attempt to exploit the Spectre and Meltdown vulnerabilities.
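On Linux, one way to confirm that the security updates recommended above are actually in effect (an added example, not part of the original article): patched kernels report a per-variant status under /sys/devices/system/cpu/vulnerabilities, and this script reads the three files covering Spectre and Meltdown. The OK/VULNERABLE/UNKNOWN verdicts and the function names are choices made for this example.

```python
"""Report Spectre/Meltdown mitigation status on Linux (added example)."""
from pathlib import Path

# Kernels carrying the Spectre/Meltdown patches expose one status file per issue here.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# sysfs file name -> the variant it reports on
VARIANTS = {
    "spectre_v1": "Spectre variant 1 (bounds check bypass)",
    "spectre_v2": "Spectre variant 2 (branch target injection)",
    "meltdown": "Meltdown (rogue data cache load)",
}

def classify(status):
    """Map a kernel status line to OK, VULNERABLE or UNKNOWN (labels are this example's)."""
    s = status.strip()
    # Conservative: a line that starts with "Mitigation:" can still flag
    # a sub-feature as vulnerable, so check for that word first.
    if "vulnerable" in s.lower():
        return "VULNERABLE"
    if s == "Not affected" or s.startswith("Mitigation:"):
        return "OK"
    return "UNKNOWN"

def check(sysfs_dir=SYSFS_DIR):
    """Return {file name: (verdict, raw status)} for the three variants."""
    report = {}
    for name in VARIANTS:
        try:
            raw = (Path(sysfs_dir) / name).read_text().strip()
        except OSError:
            # No status file: the kernel predates the reporting interface
            # (so it is probably unpatched) or this is not a Linux system.
            report[name] = ("UNKNOWN", "no status file")
            continue
        report[name] = (classify(raw), raw)
    return report

def needs_action(report):
    """Names of the variants that are not confirmed mitigated."""
    return sorted(n for n, (verdict, _) in report.items() if verdict != "OK")

if __name__ == "__main__":
    rep = check()
    for name, (verdict, raw) in rep.items():
        print(f"{verdict:<10} {VARIANTS[name]}: {raw}")
    # Non-zero exit lets a fleet-wide patch audit flag this host.
    raise SystemExit(1 if needs_action(rep) else 0)
```

A non-zero exit status means at least one variant is not confirmed mitigated, which is the cue to apply pending kernel and firmware updates.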
In general, here are a few tips to make sure you are secure:
- Use antivirus and anti-malware
- Update your operating system
- Update your software
- Use digital shredding
- Don’t leave your devices unattended
- Don’t use the administrator account unless absolutely necessary
- Ensure your firewall is turned on and configured correctly
- Protect yourself from phishing and other social engineering attacks
- Clear your data from web browsers
- Do not store sensitive data on USB or other drives
- Use a strong password
- Only download software from reputable sources