In this post we will talk about Meltdown and Specter, What are they? Why are they very serious security flaws in a processor? ENTERS!
Welcome to another new post. 2018 will come with an opportunity for cybercriminals, as it was discovered that there is a very serious flaw in the design of Intel processors, and to make matters worse, it was discovered that the design flaw affected the same way to AMD processors and ARM, but what are these failures? Who is affected? and how can we protect ourselves?
In this post I will try to answer all these questions, so let's start our journey:
Meltdown and Specter, the nightmare of processors
It all started in 1995, the year in which a system called "speculative execution" was designed, which allows processors to work more quickly, it consists of anticipating the executions that will be made in the future in order to gain speed. Let's see it with an example:
In the image above we have an if-else, so we can easily understand which one is going to be executed, and internally the processor, long before reaching this instruction, will go ahead and execute both. When this is reached and therefore the correct one is known, it will discard the invalid one, but the information that passes through it will remain in cache, and therefore MAY BE READ BY ANOTHER APPLICATION.
Almost all processors in the world use "speculative execution", both Intel, AMD and ARM. Consequently, a glitch can be exploited in two different ways, known as Meltdown and Specter.
The first is only compatible with Intel, and the second does not matter the brand, it is in all processors. Let's see what each one is.
He himself breaks the isolation between programs and the operating system, allowing access to the data stored in the kernel, the site where our precious PASSWORDS are stored (among other important things). I leave you a screenshot of what this ruling can help criminals to steal:
Here, the isolation between the applications themselves is violated, allowing the extraction of secret information from one application from another. Unlike Meltdown, Specter does not have a fix, and the other vulnerability is patched. To make matters worse, as I already mentioned, Specter affects all processors, but for your peace of mind, exploiting this flaw is much more difficult, and each attack will be specific to certain hardware.
It is important to note that it is currently known that the companies discovered these flaws 6 months ago, but they all signed a confidentiality agreement, in order to allow time to develop the respective patches.
How do I know if my computers are vulnerable?
Sadly they are most likely vulnerable, since if we only talk about Intel, it has a market share of the 90% globally, and, if we combine it with AMD and ARM, practically all of us are vulnerable to Specter.
One of the saved devices is the Raspberry Pi 3, which has a processor that does not use "speculative execution."
The security researchers of these flaws have mentioned that the patch against this flaw may make our computers up to 30% slower, but Intel says this is an exaggeration; we will have to wait and see who is right.
Additionally, mention that these attacks can only be done locally, so if you are careful about your browsing, you will be safe.
Companies Respond to Meltdown
Google will launch on January 23, 2018 an update for the Chrome browser, which will have this protection. However, they can currently activate this functionality, called "Site Isolation" in the advanced options of the browser.
For Android, an update was released on January 5, 2018, but as you know, with Android you have to wait for each manufacturer to release it as well, so only phones from Google brands are safe.
With respect to Microsoft, they already released the patch for Windows 10, according to them, already most users should have it. It is important to clarify that there may be incompatibility between the antivirus and the computer, so you may get a blue screen after receiving the patch, so it is recommended to uninstall any antivirus that generates problems, and use Windows Defender.
And when it comes to Apple, they have admitted that ALL their computers are vulnerable to these attacks, and I am not aware of any patch that has been released.
Video that explains everything
GOOD MORNING AND GREETINGS FROM OUR TEAM!
GOOD MORNING AND GREETINGS FROM OUR TEAM!