Monday, May 10, 2021
Home Lead Story Billions Of Computers Around The World At Hacking Risk: Research

Billions Of Computers Around The World At Hacking Risk: Research

Because all current 'Spectre' defenses protect the processor in a later stage of speculative execution, they are useless in the face of Venkat's team's new attacks

An Indian-origin researcher has warned that billions of computers and other devices across the globe are vulnerable today owing to a vulnerability named ‘Spectre’ that was first discovered in 2018 but is open to hackers again. Since ‘Spectre’ was discovered, the world’s most talented computer scientists from industry and academia have worked on software patches and hardware defenses, confident they’ve been able to protect the most vulnerable points in the speculative execution process without slowing down computing speeds too much.

However, researchers, led by Ashish Venkat at the University of Virginia’s School of Engineering and Applied Science, UVA Engineering, discovered that computer processors are open to hackers again. They found a whole new way for hackers to exploit something called a “micro-op cache,” which speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process.

Follow NewsGram on Facebook to stay updated.

Micro-op caches have been built into Intel computers manufactured since 2011. Venkat’s team discovered that hackers could steal data when a processor fetches commands from the micro-op cache. “Think about a hypothetical airport security scenario where TSA lets you in without checking your boarding pass because (1) it is fast and efficient, and (2) you will be checked for your boarding pass at the gate anyway,” Venkat said.

Computers
The difference with this attack is you take a much greater performance penalty than those previous attacks. Pixabay

A computers processor does something similar. It predicts that the check will pass and could let instructions into the pipeline. “Ultimately, if the prediction is incorrect, it will throw those instructions out of the pipeline, but this might be too late because those instructions could leave side-effects while waiting in the pipeline that an attacker could later exploit to infer secrets such as a password,” he elaborated.

Because all current ‘Spectre’ defenses protect the processor in a later stage of speculative execution, they are useless in the face of Venkat’s team’s new attacks. Two variants of the attacks the team discovered can steal speculatively accessed information from Intel and AMD processors. “Intel’s suggested defense against Spectre, which is called LFENCE, places sensitive code in a waiting area until the security checks are executed, and only then is the sensitive code allowed to execute,” Venkat informed.

ALSO READ: Cybersecurity: Remote Learning Software Prone To Hacking

“But it turns out the walls of this waiting area have ears, which our attack exploits. We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel.” This newly discovered vulnerability will be much harder to fix. In the case of the previous ‘Spectre’ attacks, developers have come up with a relatively easy way to prevent any sort of attack without a major performance penalty for computing.

“The difference with this attack is you take a much greater performance penalty than those previous attacks,” said Ph.D. student Logan Moody. Venkat’s team has disclosed the vulnerability to the product security teams at Intel and AMD. The team’s paper has been accepted by the highly competitive International Symposium on Computer Architecture or ISCA. (IANS/JC)

STAY CONNECTED

19,511FansLike
362FollowersFollow
1,773FollowersFollow

Most Popular

Only 13% Of Global iOS Users Allow Apps To Track To Date After iOS 14.5 Update

After Apple introduced its app tracking transparency tool with iOS 14.5 update to give users better control over their privacy, only 13 percent of...

Coronavirus Protocols To Quickly Identify Mutants Developed By Scientists

A worldwide network of scientists has isolated functional units of the SARS-CoV-2 proteins in such a way that their structure, function, and interactions can...

The AIIMS Guidelines On “Do’s And Dont’s” In Home Isolation

The AIIMS has given guidelines on Covid management in home isolation at a recent training session for 14 experts from tertiary care centers across...

Fauci Says Wearing Masks Could Become Seasonal Following The Pandemic

Wearing face masks may become seasonal when respiratory illnesses are more prevalent, says US top infectious disease expert Anthony Fauci. Fauci said he thinks...

Skeema: This Tool Will Assist You In Managing Your Browser Tabs More Effectively

If you are reading this, chances are you have several other tabs open in your browser. Are you facing trouble with the overloading of...

Why Did Bharatiya Janata Party (BJP) Fail To Secure Hindu Votes In West Bengal?

Though the BJP has increased its tally in the West Bengal Assembly from three in 2016 to 77 in 2021 - a substantial increase...

Study: Organ Transplants Recipients Are Susceptible To Covid-19

Patients, who had organ transplants, remain vulnerable to Covid-19 infections even after a second vaccine dose, finds a study that urges people who are...

Gene Tied To Balding May Also Raise Covid Risks For Men

Men with a common form of hormone-sensitive hair loss are more prone to being hospitalized and at risk for ICU admission due to Covid-19,...

Recent Comments