In recent days, the technological world is roaming around two words "Meltdown" and "Spectre". They are not merely just simple words but are the vulnerabilities found in modern processors that run our computers, laptops, smartphones, wearables and many modern gadgets. These vulnerabilities allow programs to steal data, which is currently processed CPU(the heart of processor).
Generally the memory used by processor is very secure and only kernel in operating system (main program that executes all the instructions) can access or modify this memory. No user program or software can access the memory directly. So the data remains secure while the CPU is processing it. This secure data can be saved passwords, encryption keys and critical documents.
Generally the memory used by processor is very secure and only kernel in operating system (main program that executes all the instructions) can access or modify this memory. No user program or software can access the memory directly. So the data remains secure while the CPU is processing it. This secure data can be saved passwords, encryption keys and critical documents.
The devices that use processors can be affected by this kind of attacks! This means every smart device connected to any kind of network! Meltdown and Spectre work on computers, Mobiles and Cloud. The matter of concern is that these vulnerabilities have been present from 20 years and there is no way to trace-back and find out which program has exploited this and at what level. All kind of processors including Intel, AMD, ARM based are affected.
These design flaws are created in pursuit of faster processors. As we are reaching the limits of hardware enhancements, the manufacturers come with some smart ways to reduce the processing time. At this time the processors are designed to anticipate the instructions and use cache memory for accessing the frequently used data. This is called speculative execution, where it predicts and performs some routine tasks and overall we get faster performance. If data is not useful for further execution they are thrown out of cache and this thrown data can be captured by programs to exploit.
Therefore at this point, the thing we can do is to update the software to latest official software patch provided. Here official software patches are important as some hackers are spreading fake security patches that contain malware. Try to avoid cracked software and downloading anything from unknown sources.
This was a very brief information about the Meltdown and Spectre. For more information and research papers you can visit : https://meltdownattack.com/.
Thank you for reading, please share this article and comment if there is any corrections or suggestions.
Image courtesy - The Hacker News
Meltdown:
This breaks the basic isolation between operating system and user program. This is basic isolation which should avoid any leak of secret data used by operating system to the program. If you use patched operating system that run on vulnerable processor, it is very dangerous to work with sensitive data on such device. But there are software patches available against meltdown. But long term fixes need the change in processor hardware.Spectre:
It breaks the isolation between memories used by different applications. This allows the attacker to design a program that steal the data from other program which follows best security practices. So there can be such a situation that as you increase safety checks in software the more data will expose to malicious programs. So spectre attack is more dangerous and difficult to come over, but is it very difficult to design such a spectre program! All spectre attacks cannot be prevented by software patches, but some can be prevented.These design flaws are created in pursuit of faster processors. As we are reaching the limits of hardware enhancements, the manufacturers come with some smart ways to reduce the processing time. At this time the processors are designed to anticipate the instructions and use cache memory for accessing the frequently used data. This is called speculative execution, where it predicts and performs some routine tasks and overall we get faster performance. If data is not useful for further execution they are thrown out of cache and this thrown data can be captured by programs to exploit.
Therefore at this point, the thing we can do is to update the software to latest official software patch provided. Here official software patches are important as some hackers are spreading fake security patches that contain malware. Try to avoid cracked software and downloading anything from unknown sources.
This was a very brief information about the Meltdown and Spectre. For more information and research papers you can visit : https://meltdownattack.com/.
Thank you for reading, please share this article and comment if there is any corrections or suggestions.
Image courtesy - The Hacker News
Can my antivirus detect this attack?
ReplyDeleteUpto some extent, with latest definition updates.
Delete