Safety flaw spectrum in 2021: this variant endangered Intel and AMD

Specter appeared from 2018 as one of the most devastating safety flaws ever known, like Meltdown and Wannacry, the latter being the realization of computer pirates entering through the network.The spectrum flaw allowed hackers to infiltrate the deepest layers of the hardware of the processor (cache memory), to divert the source code of the programs at the heart of the processor, and thus decode passwords, accounts and other sensitive data.

Who is concerned and how to avoid this flaw?

Il faudra attendre une mise à jour via le BIOS et réalisable depuis la carte mère de votre ordinateur pour vous protéger de cette faille de sécurité.If you are an individual, do not panic: this fault is not usable without direct access to your computer. Si vous représentez une entreprise ou que votre matériel est en contact avec des personnes inconnues et potentiellement malveillantes, vous pouvez attendre que cette mise à jour soit déployée puis rentrer en contact avec une société de services informatiques.It will guide you to deploy the correction on your entire computer fleet, regardless of your OS (operating system: Linux, Windows or Mac OS).This also applies for the Meltdown flaw, patched via a correct bios for a good time now.

Extremely dangerous involvement

The data extraction process being the material basis of the AMD or Intel processor, it is impossible for an antivirus to fight such a security flaw.The user has more than any way of knowing if he is infected, the data will continue to be harvested and shared with hackers in the utmost discretion. En effet, c’est la mémoire cache L1 qui est directement visée, soit la mémoire du noyau du processeur …

The most impressive being that even using a digital encryption or safe, the execution of the diversion of the data goes beyond, by placing itself at the lowest level of any process.It is therefore only after harvesting sensitive data that the processor will process the cost of data and data protection orders.Bitlocker, the Windows 10 solution to completely turn its system, it is also ineffective.

Le risque sur les serveurs est très important, nous vous recommandons donc de mettre à jour vos processeurs Intel Xeon notamment.Servers being data centers particularly subject to attacks, you must adopt zero risk in your cybersecurity strategy and limit potential attack vectors.

Since 2018, several fixes have followed one another

Several fixes have followed one another to cope with this threat, Intel and AMD have indeed implemented downloadable solutions to update the microcode of their concerned processors.The update of the BIOS therefore makes it possible to protect yourself against part of the dangers of spectrum, but new variants are regularly discovered and invites us to remain cautious.

Intel à déclaré que ses solutions précédentes, notamment un processus de sécurité Intel LFENCE, qui permet d’encapsuler les données sensibles pour les protéger de toute attaque à quelque niveau hardware que ce soit.However, researchers and in particular several independent researchers subsequently analyzed these declarations and believe that the supposed Intel are false.Indeed, this safety breach is based on a fairly new script execution and therefore allows you to circumvent, for the moment, the protections put in place until then by Intel and AMD on the devices.

An impressive operation

"Researchers from the University of Virginia said last week that they have found a new variant of transitional execution that breaks practically all defenses on chip that Intel and AMD have implemented to date.The new technique works by targeting a buffer on a chip that caches "micro-operations", which are simplified commands derived from complex instructions.By allowing the processor to recover the commands quickly and early in the speculative execution process, the micro-op covers improve the speed of the processor.

Transitional execution uses a malicious code to exploit speculative execution.Exploits, in turn, bypass the limits of the limits, authorization checks and other safety measures integrated into applications.Software that follows the secure coding guidelines of Intel are resisting such attacks, including the variant introduced last week.»

Source: New Specter Attack Once Again Sends Intel and AMD Scrambling for a Fix

Intel Démonly and AMD remains silent

Intel dément toute dangerosité supplémentaire avec cette nouvelle itération de la faille de sécurité Spectre, en argumentant que ses précédents efforts en matière de résilience de hardware au niveau des couches technologiques les plus profondes (mémoire de cache L1, L2 et L3) sont déjà suffisants et protègent ainsi contre cette faille également.

Intel thus declares, translated into French:

“Intel Review the Report and Informed Researchers that Existing Mitigations Were Not Being bypassed and that this scenario is addressed in our secure coding guidance.Software Following Our Guidance Already Haveinstan Protections Incidental Channels Including the UOP Incidental Cache Channel.No new mitigations or guidance are needed.»

However, several independent researchers have shown that this declaration is more than burning. Les hackers ont en effet la possibilité de contourner les différents correctifs jusque-là déployés par Intel ou AMD, via ce qu’on appelle des vulnérabilités CPU transitoires ou “Transient execution CPU vulnerability».

For his part, AMD prefers for the moment that not comment on this news, however burning, however supplier of a good part of the processors of our devices.

A patch to correct the flaw to be expected

Via several tests, Jon Masters, researcher in computer components architecture, specifies on his blog that the spectrum operating mode, to invalidate the techniques of security and verification of information transport in the processor, is still avoidable viaup to date with the processor micro-code.This will therefore probably take the form of an update of the BIOS to change the management of the safety of memory covers and thus improve the safety of the device.

It should also be noted that these safety flaws can only be used via the insertion of a device directly on the targeted machine.You are therefore not likely to make you hack from the internet with such a computer attack.On the other hand, administrations and public places must pay very attention to their devices, in particular if this concerns a server.

Breakdown performance

As often, it is to be expected reduced following these security updates.The processor micro-code is indeed initially designed to optimize processor performance as much as possible, and its update for priority improvement in IT attacks necessarily undermines performance.

Par exemple, les benchmarks réalisés par les utilisateurs sur les processeurs Intel de 2017-2018, à la première itération de la faille de sécurité Spectre, ont montré des chutes importantes de performances, parfois à deux chiffres: entre 5% et 15% ! Le cache mémoire étant fortement impacté, alors qu’il est largement garant des résultats de multithreading.This particularly affected Meltdown patches: this is not a bug, but the direct cause and the deployed corrective, especially in Intel.

Nous vous recommandons donc de ne pas faire ces mises à jour de sécurité à moins d’être sujet aux attaques, c’est-à-dire si vous gérez une organisation publique ou un lieu où vous recevez des clients de manière régulière et sans forcément pouvoir y apporter une grande attention.This will prevent you from being spectrum or any other faed. Sur les serveurs, cela risque de faire mal, mais c’est nécessaire.

Temporal complexity: a new form of secure coding

Ashish Venkat, professor in the IT department of the University of Virginia, has agreed that programming taking into account temporal complexity is an effective means of deploying applications resistant to attacks by secondary channel (such as spectrum or meltdown).Good news for servers owners spinning applications of the genre.

Secondary channel attacks allow as we have seen to overcome certain processor security at its lowest level of computer code execution, cache L1 memory. On les appelle ainsi car elles consistent finalement à passer par un chemin déviant tout “soupçons» du processeur, pour transmettre et extraire des données sensibles de l’appareil aux hackers