Severe Security Issue Detected in Intel Processors - Does This Place Arch Rival AMD at an Advantageous Position?
A design fault has been detected in Intel chips manufactured over the last decade; it is apparently a major security flaw that hackers could use as a loophole in massive attacks. Fixing the flaw will require major changes to the Windows and Linux kernels, and macOS machines running on Intel chips are also impacted. As the problem is within the Intel x86-64 hardware, it can’t be fixed with a microcode update; instead, an OS-level fix is required for the affected operating systems.
Possible Ways in which the Security Hack may be Misused
Possible Quick Fix and Performance Slowdown by 5 - 30 Percent
The immediate solution comes in the form of KPTI (Kernel Page Table Isolation), which separates the kernel’s memory from user processes. These Kernel Page Table Isolation patches move the kernel into a completely separate address space, so it’s not just invisible to a running process, it’s not even present at all. This shouldn’t be necessary, but clearly there is a flaw in Intel’s chips that allows the kernel’s access protections to be bypassed in some way. The downside to this separation is that it is relatively expensive, in terms of time, to keep switching between two separate address spaces for every system call and for every interrupt from the hardware. These context switches do not happen instantly, and they force the processor to dump cached data and reload information from memory. This increases the kernel’s overhead, and there seems to be a huge risk of slowing down the performance of a CPU by 5 - 30 percent, depending on the task and processor model. Consequently, your Intel-powered machine will run slower.
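One way to confirm that the KPTI fix described above is active on a Linux host, as an added example that is not part of the original article: it reads the kernel's Meltdown status file, the pti CPU flag and the boot command line. The function name and the output labels (mitigated, vulnerable and so on) are this example's own.

```shell
#!/bin/sh
# Added example: report whether Kernel Page Table Isolation (KPTI) is active.
# The three optional arguments let the check run against saved copies of the files.
kpti_status() {
    sysfs=${1:-/sys/devices/system/cpu/vulnerabilities/meltdown}
    cpuinfo=${2:-/proc/cpuinfo}
    cmdline=${3:-/proc/cmdline}

    # 1. Kernels that carry the fix report the state directly in sysfs.
    if [ -r "$sysfs" ]; then
        case "$(cat "$sysfs")" in
            "Not affected"*)    echo "not-affected"; return 0 ;;
            "Mitigation: PTI"*) echo "mitigated";    return 0 ;;
            "Unknown"*)         echo "unknown";      return 0 ;;
        esac
    fi

    # 2. Fallback: the "pti" CPU flag is listed when page table isolation is on.
    if [ -r "$cpuinfo" ] && grep '^flags' "$cpuinfo" | grep -qw pti; then
        echo "mitigated"; return 0
    fi

    # 3. Not mitigated: say whether a boot parameter switched the isolation off.
    if [ -r "$cmdline" ] && grep -Eqw 'nopti|pti=off|mitigations=off' "$cmdline"; then
        echo "disabled-by-boot-parameter"; return 0
    fi

    # 4. sysfs exists but reported neither good state (for example "Vulnerable").
    if [ -r "$sysfs" ]; then
        echo "vulnerable"; return 0
    fi

    # 5. No status file and no pti flag: the kernel predates the patches,
    #    or this is not an x86 Linux system.
    echo "unknown"
}

# Check the machine this script runs on.
kpti_status
```

A result of `disabled-by-boot-parameter` usually means someone traded the mitigation for the performance cost discussed above, which is worth flagging on multi-tenant or virtualization hosts.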
Impact on Virtual Environments and Regular Users
It seems companies that use virtualized environments are the biggest targets for those looking to exploit the vulnerability. “There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine,” wrote Python Sweetness, “and additional hints the exact attack may involve a new variant of Rowhammer.” Microsoft, Amazon, and Google are all working on fixes set to be implemented over the next week. For regular users, it’s possible the patches won’t have much of an impact on daily usage and gaming frame rates. Additionally, future fixes should have less of an effect on performance.
How is AMD using this Issue to its Advantage?
Intel competitor AMD has already used the vulnerability as a way of promoting its processors, which it says aren’t affected due to their extra security protections.
“AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against,” wrote Thomas Lendacky, a member of the Linux OS group at AMD. “The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.”
Intel’s microprocessors are the fundamental building blocks of the internet, corporate networks and personal computers. The company has added to its designs over the years, trying to make computers less vulnerable to attack and arguing that hardware security is typically tougher to crack than software. The Santa Clara, California-based company’s chips have more than 80 percent market share overall and more than 90 percent in laptops and servers. Programmers have been working for two months to try to patch the flaw in the open-source Linux system, The Register said, adding that Microsoft was expected to release a patch for the issue soon. We will need to wait for Intel to report more details on the security patches.