Slashdot Mirror


Researchers Discover SplitSpectre, a New Spectre-like CPU Attack (zdnet.com)

An anonymous reader writes from a report via ZDNet: Three academics from Northeastern University and three researchers from IBM Research have discovered a new variation of the Spectre CPU vulnerability that can be exploited via browser-based code. The vulnerability, which researchers codenamed SplitSpectre, is a variation of the original Spectre v1 vulnerability discovered last year and which became public in January 2018. The difference in SplitSpectre is not in what parts of a CPU's microarchitecture the flaw targets, but how the attack is carried out. Researchers say a SplitSpectre attack is both faster and easier to execute, improving an attacker's ability to recover code from targeted CPUs. The research team says they were successfully able to carry out a SplitSpectre attack against Intel Haswell and Skylake CPUs, and AMD Ryzen processors, via SpiderMonkey 52.7.4, Firefox's JavaScript engine. The good news is that existing Spectre mitigations would thwart the SplitSpectre attacks.


  1. Missing Information by Jane Q. Public · · Score: 3, Interesting

    I presume that since mitigation measures for Spectre also work against Split Spectre, that CPUs (like mine) which aren't vulnerable to Spectre are also not vulnerable to Split Spectre?

    I realize that it's a bit of speculation but it seems like a reasonable conclusion.

    I know it might surprise some people but not all recent processors are vulnerable. For example, according to Intel, in their i7 lineup only their 45nm and 32nm process chips are vulnerable.

    1. Re:Missing Information by Anonymous Coward · · Score: 2, Informative

      Intel has provided microcode updates for most CPU lines. Most have been distributed via a Windows Update after Microsoft decided to help when motherboard vendors went missing in action.

    2. Re:Missing Information by darkain · · Score: 4, Funny

      Are you speculating whether or not you're vulnerable to speculation attacks..?

    3. Re:Missing Information by arth1 · · Score: 4, Informative

      Intel has provided microcode updates for most CPU lines.

      For odd definitions of "most". Out of the 221 processors Intel have microcode updates for, 49 have updates from 2018. The rest do not.

  2. They laughed by Anonymous Coward · · Score: 4, Insightful

    Oh you, managed languages are safe.
    Okay so they aren't, but sandboxes are safe.
    Okay alright there are bugs, but virtual machines are safe.
    So about those virtual machines...
    Yeah fuck you, throw another layer on, what does it matter.

  3. Re:jesus christ on a raft... by Waffle Iron · · Score: 4, Funny

    time to dig out my old kim-1 and forth env.

    Sorry, but security researchers have recently discovered that due to fundamental architectural issues, a hypothetical malicious program could trivially access *all* of the data on any 6502-based system.

  4. Linux has microcode updates as well! by Joe_Dragon · · Score: 2

    Linux has microcode updates as well!

  5. Re:Maybe it's time to rethink - Linus by vyvepe · · Score: 2, Insightful

    No, Linus is right. The performance impact of the patches is big.

    If you have an up-to-date browser then you do not have a problem. Resolution of timers available from scripts is lowered to make this attack infeasible.

    If you are running an executable from the web then you have a much bigger worry than Spectre. The executable can damage you directly instead of trying to rely on a "cooperation" of another process.

    These bugs are mostly a serious worry for companies renting virtual machines where executables run in the images are by default hostile.

  6. Re:Maybe it's time to rethink - Linus by squiggleslash · · Score: 2

    Apparently this proof of concept is written in JavaScript and targets Firefox. FTA:

    For their academic paper, the research team says it successfully carried out a SplitSpectre attack against Intel Haswell and Skylake CPUs, and AMD Ryzen processors, via SpiderMonkey 52.7.4, Firefox's JavaScript engine.

    The article also agrees with the person who was modded insightful:

    Nonetheless, researchers said that existing Spectre mitigations would thwart the SplitSpectre attacks. This includes CPU microcode updates that CPU vendors have released over the past year, updates to popular code compilers to harden apps against Spectre-like attacks, and the browser-level modifications that browser vendors have shipped with post-January 2018 browser releases to make it infeasible to carry out web-based Spectre attacks.

    (My bold and italics)

    --
    You are not alone. This is not normal. None of this is normal.