CPU Vulnerability

The virtual memory subsystem of modern processors are variously vulnerable to attacks now dubbed Meltdown and Spectre. Known to professionals for many months, news appeared in the mass media days before the agreed upon coordinated release date of January 9, 2018. register

For decades cpu designers has added logic to make instructions run ever faster than the programming abstraction would suggest. Add logic to avoid logic. What could possibly go wrong? See Secure Automata

There has been a balance of power between those who design and then patch logic with those who exploit unintended behavior of that logic. A recent Foresight report suggests this balance is at risk. See Cyber Risk Foresight

Google's Project Zero has been among the good guys in these most recently uncovered problems. Their stated objective is to significantly reduce the number of people harmed by targeted attacks. post

Project Zero reported with detailed explainations that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. post

These two exploits are newsworthy only because they are so deeply embedded within the computing infrastructure and thus expensive to correct. Passwords might be exposed that enable more damaging attacks but these are already subject to widespread phishing attacks.

Considering the complexity of the proof-of-concept demonstrations I suspect Meltdown and Spectre will not be identified as critical to any attack by rogue organizations already stockpiling zero day vulnerabilities. More likely the public will just become more accustomed to these news stories. See Vague Dread

I agree with Foresight that we are in an attack-patch arms race that we cannot win. Now is a good time to be imagining strategic or even revolutionary change.


Chris Mills is collating advisories and press releases from vendors as he find them that relate to the recently disclosed issues regarding speculative execution side-channel vulnerabilities. post