Why is the Intel CPU vulnerability so alarming? Understand it in seconds with one figure!

This article is reprinted with authorization from Supernova; other media must obtain Super Net's consent before reprinting it.

This week, the hottest topic in the technology industry was the series of vulnerabilities caused by Intel processor design flaws.

As the first big news of 2018, the chip-level vulnerability exposed this time has spread unexpectedly far. Intel, at the center of the whirlpool, plays a rather important but awkward role.

First of all, the incident began with a design flaw in commercially available Intel processors that could give an otherwise ordinary program unprecedentedly high privileges and even direct access to data in kernel memory. For user privacy and device security, which have been key concerns for many years, this is undoubtedly an unprecedented nightmare.

The vulnerabilities quickly evolved. Researchers call them 'Meltdown' and 'Spectre'. They not only carry kernel-level privileges; their potential danger, the breadth of their impact, and the difficulty of dealing with them are all unprecedented, so the disclosure caused an uproar.

Causes of the incident and the harm of the vulnerabilities: not patching is like swimming naked, patching is like recovering from a serious illness

Last year, the Project Zero team at Google discovered several chip-level vulnerabilities caused by CPU 'speculative execution': 'Spectre' (Variant 1 and Variant 2: CVE-2017-5753 and CVE-2017-5715) and 'Meltdown' (Variant 3: CVE-2017-5754). All three vulnerabilities stem from inherent architectural flaws that allow non-privileged users to access system memory and read sensitive information.

Project Zero researchers at Google also found that every processor released after 1995 is affected.

Reportedly, Google had already reported the vulnerabilities to Intel and intended to publish its report next week, but the technology outlet The Register exposed them ahead of time on January 2. After other media picked the story up it grew into the present situation, and Google then also chose to publish its report early to reduce users' security risk.

At first, people were concerned about these vulnerabilities because, in principle, short of redesigning the chip there is almost no way to eliminate the risk completely, while the fix itself causes performance degradation. That was the cause for concern.

However, as some professionals dug up more data, they found that a very wide range of processors is affected: besides Intel, AMD and ARM processors are also on the 'blacklist', which means that Windows, Linux and Mac systems as well as mobile Android all face potential security threats.

In principle, these vulnerabilities attract so much attention because they allow malicious programs to access sensitive content stored in kernel memory. On a personal computer, for example, hackers could reach in-memory data including user account passwords, application files, file caches and more.

However, Intel said in an official post that it does not believe these vulnerabilities have the potential to corrupt, modify or delete data.

At present, some reports suggest that the security updates for these chip-level vulnerabilities are not perfect, and that installing the patches can also affect performance, especially on some older processors.

How Intel explained it to us: not as serious as imagined, and fixes are being prepared

'Meltdown' and 'Spectre' could pose a significant threat to Intel's processors, and even to AMD's and ARM's; given the market share of the three, few products are spared.

Technically, 'Meltdown' takes advantage of the speculative execution feature in processor designs to obtain kernel data from user programs. It directly breaks the kernel memory protection mechanism and allows malicious code to access sensitive memory directly. It affects all Intel processors that use an out-of-order execution design; other processors that execute in order are not affected. The 'Spectre' vulnerability, by contrast, works by tampering with the memory of other applications, tricking them into accessing kernel memory addresses.

Processors released in the past decade have hidden vulnerabilities

Intel made an official statement shortly after the incident began to spread, saying that the vulnerabilities were not "Intel-exclusive" and that AMD and ARM processors have the same issues.

Intel said it will work closely with many technology companies, including AMD, ARM and several operating system vendors, to develop an industry-wide approach that resolves the problem swiftly and constructively. It added that the performance loss a device experiences depends on its workload, and that the loss experienced by ordinary users is actually not as large as imagined.

From Intel's own statement, it can be seen that its message is nothing more than 'the problem exists, but everyone should treat it calmly'. However, contrary to expectations, Intel's share price fell more than 7% after the incident, while its rival AMD gained 8.8% and even NVIDIA rose 6.3%.

It is worth noting that Google notified Intel of the processor problems the previous year, and not long afterwards (around the end of November 2017) Intel CEO Brian Krzanich sold a large amount of the stock he held, leaving 25 million shares, the minimum required by his employment agreement. These shares were worth 24 million US dollars. In hindsight he seems to have had real foresight; no wonder he is a CEO.

AMD pushes back against Intel's statement: there is almost no problem with our products

AMD was somewhat dissatisfied with being mentioned in Intel's official statement, and responded not long after that statement was issued. AMD officially said that, because of its different chip architecture, the outlook for its products is much more optimistic in terms of both security risk and performance degradation.

First of all, 'Spectre' can be fixed through software and operating system patches with almost no performance impact. And because of its architecture, 'Meltdown' does not affect AMD's processors. It can be said that these vulnerabilities merely grazed AMD rather than hitting it in the face.

A statement titled "Information Security is AMD's Top Priority" was posted on the official AMD website. According to the article, the attack principles of two of the three vulnerabilities hardly apply to AMD and are completely useless against it, while the other attack can be fixed by a security patch, and AMD said that the performance loss, which matters most, will be minimal.

We originally thought the vulnerabilities were Intel-exclusive; later the situation worsened to reach AMD's processors, and then these three vulnerabilities turned out to affect even ARM's Cortex family of processors.

ARM lists the affected Cortex models on its developer blog, saying that current and future ARM processors will receive patch updates to prevent attacks by malicious applications.

Currently, Intel, AMD, ARM, Microsoft, Amazon, Google and Apple have all said that the patches will not have a significant impact on performance.

Will the patch affect performance? Here is what cloud service vendors say

On January 3, Intel listed on its website all of its processors affected by the CVE-2017-5715 vulnerability. The list shows that even the 45nm Core i7 from 8 years ago is affected, and Intel once again emphasized that AMD and ARM have similar problems.

Performance is one of the issues enthusiasts care about most. Most reports claim that the fix will reduce processor performance, which is why the discussion has become so heated.

Take Linux as an example: performance drops after the KPTI patch is applied, because the patch prevents non-privileged user code from identifying the kernel's virtual addresses (it moves the kernel into a separate address space), and a program must switch address spaces whenever it needs the kernel, which degrades performance. For Intel processors the performance impact is about 5% to 30%, and some tests show a 50% loss.

For Meltdown, Linux has released the above-mentioned KPTI patch, macOS has been fixed since 10.13.2, Google urges users to keep their Android and Chromebook devices up to date, and Android users need to have the January 2018 security patch installed.
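One way to confirm on a Linux host that the KPTI and Spectre fixes mentioned above are active, as an added example that is not part of the original article: it reads the status files that patched kernels expose under `/sys/devices/system/cpu/vulnerabilities` and maps them to the three CVEs named earlier. The function names and the sample files are constructed for illustration.

```python
import os
import tempfile

# Kernels that carry the fixes report status here (assumed; older ones do not).
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"

# CVE numbers as given in the article -> (name, kernel status file).
CHECKS = {
    "CVE-2017-5753": ("Spectre variant 1", "spectre_v1"),
    "CVE-2017-5715": ("Spectre variant 2", "spectre_v2"),
    "CVE-2017-5754": ("Meltdown", "meltdown"),
}
# Prefix of the kernel's status line -> state used in the report.
PREFIXES = (("Not affected", "not_affected"),
            ("Mitigation:", "mitigated"),   # e.g. "Mitigation: PTI" for KPTI
            ("Vulnerable", "vulnerable"))

def classify(status):
    """Reduce a kernel status line to a state; no line means 'unknown'."""
    for prefix, state in PREFIXES:
        if status and status.startswith(prefix):
            return state
    return "unknown"

def check_mitigations(base_dir=SYSFS_DIR):
    """Return {cve: (name, state, raw status or None)} for the three CVEs."""
    report = {}
    for cve, (name, fname) in CHECKS.items():
        try:
            with open(os.path.join(base_dir, fname)) as fh:
                raw = fh.read().strip()
        except OSError:              # file missing: kernel does not report it
            raw = None
        report[cve] = (name, classify(raw), raw)
    return report

def needs_action(report):
    """CVEs that still need a patch or a closer look."""
    return sorted(cve for cve, (_, state, _) in report.items()
                  if state in ("vulnerable", "unknown"))

def demo():
    """Run the check on constructed sample files, not on the live host."""
    sample = {"meltdown": "Mitigation: PTI\n", "spectre_v1": "Vulnerable\n"}
    with tempfile.TemporaryDirectory() as d:   # spectre_v2 left out on purpose
        for fname, text in sample.items():
            with open(os.path.join(d, fname), "w") as fh:
                fh.write(text)
        return check_mitigations(d)
```

Calling `check_mitigations()` with no argument reads the live host; `needs_action()` then lists the CVEs that are still reported as vulnerable or not reported at all.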

As for the Windows systems most people use, Microsoft has released an emergency patch, KB4056892, for Windows 10 / 8.1 / 7 users. 'Spectre' is more troublesome: patches for it are still being developed, and given how wide the impact of the incident is, Intel will also work with various manufacturers to release security patches.

Intel released two security announcements today. One introduces updates that protect systems against exploits: by the end of next week, Intel expects to provide patch updates for 90% of its products from the past five years. The other says that test results from Apple, Microsoft, Amazon and Google show the updates will not have a significant impact on performance.

Domestic vendors are also victims of these vulnerabilities. For example, Tencent has issued a statement on the incident saying that its platform will be repaired using hot-upgrade technology. The following is the full text of Tencent Cloud's platform upgrade notice:

In recent days, Intel processors have been blamed for serious chip-level security issues. In order to solve this security issue, Tencent Cloud will upgrade and repair its hardware platforms and virtualization back-end platforms through hot-upgrade technology from 01:00 to 05:00 Beijing time on January 10, 2018. Customer service will not be affected.

For a very small number of servers that do not support the hot-upgrade mode, Tencent Cloud will arrange a time to restart them manually for the repair. For these servers, the Tencent Cloud Security Team will send separate notices to negotiate the upgrade time. Users are advised to make sure that their reserved contact information (mobile phone, email address) is available, and at the same time to prepare a data backup plan and a business maintenance plan in advance.

Faced with these vulnerabilities, besides Tencent Cloud mentioned above, service providers such as Huawei, Ali, Jinshan, Microsoft, Jingdong and Baidu are preparing, or have already initiated, emergency measures to push out fixes.

The consumer's view: how to choose between privacy and performance?

This incident is more serious than the earlier ransomware outbreak and involves almost every user of Intel processors. Although Intel's statement makes clear that it has tried its best to remedy the situation, the incident also shows that users' privacy has almost no protection. If more incidents like this occur and hackers attack successfully, it will be very difficult for follow-up remedial work to restore users' interests.

On some of the major forum sites, some users take a rather negative view of Intel's attitude, because with or without the security updates they feel their interests have been harmed. Some more optimistic users believe the vulnerabilities have no effect on them.

Better to go home and weave a net than to stand by the water longing for fish: what should we do next?

If you care about your privacy, it is a good idea to actively install security updates from vendors such as Microsoft, Apple and Google. Besides passively receiving updates, you also need to pay attention to your PC usage habits, as AMD advises: do not click on unidentified links, enforce strong password protocols, use secure networks, and regularly accept security software updates.

Judging from the current situation, AMD processors are less affected by both vulnerabilities than Intel's, so buying an AMD processor is also a good choice if you plan to buy soon and care about personal privacy.

I believe that after this incident, future Intel processors will be redesigned at the architecture level to plug the hole completely. Android phone users should also pay more attention to the updates their manufacturers have pushed recently.

This vulnerability may be just the beginning, and we will keep tracking the incident.

If you do not want to read so many words, see the following figure to understand it:
