
Meltdown and Spectre - dustinmoris
https://spectreattack.com/
======
ashleyn
It's not everyday that a security issue is borne out of a side-effect of
_underlying theory_ ; in this case, how out-of-order execution works. It's
almost as bad as if someone proved P = NP, rendering all cryptography useless
on the spot.

The game is changed forever, and CPU designers across the industry will likely
have to can some or all of OoOE, setting performance back considerably. It can
take years to reachieve performance we're used to today at the security level
required.

~~~
ajobaccount2017
How many years should we think back?

I have some old laptops at home and they work quite well with a proper Linux
setup.

Should we think in terms of slowing everything down by some factor, or just
slowing tasks that need an un-throttled CPU?

~~~
saulrh
Qualifier: I'm working off articles and a few computer-architecture courses
from college, so don't trust me too much here.

Taht said... Branch prediction and TLBs have been ubiquitous since about 1975.
We're seeing vulnerabilities in ARM processors with unit costs of a tenth of a
cent. We don't have to go _that_ far back; if nothing else our toolchains and
manufacturing techniques are far better. But if we're forced to discard
speculative execution as a _concept_ , which I think may be necessary to
entirely prevent side channels, we'll be going way, way far back. Further back
than the Pentium 4.

Fundamentally speaking, the power of out-of-order execution is not one of
engineering. It's not like object-oriented programming or version control in
that it simply makes it easier to engineer fast processors. It is more
powerful on a fundamental level. And there's been so much theoretical and
practical work put into it over the decades that it may take more decades to
bring a different mathematical formalism up to the same level of development.

Let's just say that I _really hope_ we don't have to throw out out-of-order
execution. It'd suck. Hard.

~~~
simcop2387
It's not so much out of order as it is the speculative execution. Predicting a
branch and then trying to run the code after the jump while you wait on the
branch itself to finish calculating. At least that's my understanding from the
papers. This means that otherwise normal out of order techniques like memory
load/store reordering and such aren't subject to these particular attacks. I
hope that attacks on them aren't found either because those are some of the
biggest gains because it can allow better cache coherence and avoid misses, or
make the impact of one almost non-existent since it can do other instructions
while waiting on a load from system memory.

~~~
dnautics
My understanding is: Speculative executive is flawed, out of order makes it
hard to tell when the errors are going to be really bad.

------
jadedtuna
Video demonstration of the Meltdown attack was just taken down:
[https://www.youtube.com/watch?v=RbHbFkh6eeE](https://www.youtube.com/watch?v=RbHbFkh6eeE)
due to "violating YouTube's policy on spam, deceptive practices, and scams."

~~~
weeks
Thanks for pointing that out. I've escalated internally to have the video
restored.

Edit: the video has been restored.

~~~
singularity2001
"I've escalated internally" wow almost as cool as "I called the POTUS and the
TSA thing is fixed now"!! Kudos and thanks

------
weinzierl
Besides the LWN article _Notes from the Intelpocalypse_ [1] this is the best
high level overview I've seen for now. Here is are a few quotes (emphasis
mine):

 _Am I affected by the bug?_

Most certainly, yes.

 _Can I detect if someone has exploited Meltdown or Spectre against me?_

Probably not. The exploitation does not leave any traces in traditional log
files.

 _What can be leaked?_

If your system is affected, our proof-of-concept exploit can read the memory
content of your computer. This may include passwords and sensitive data stored
on the system.

 _Which systems are affected by Meltdown?_

Desktop, Laptop, and Cloud computers may be affected by Meltdown. More
technically, _every Intel processor which implements out-of-order execution is
potentially affected_ , which is effectively every processor since 1995
(except Intel Itanium and Intel Atom before 2013). We successfully tested
Meltdown on Intel processor generations released as early as 2011. _Currently,
we have only verified Meltdown on Intel processors. At the moment, it is
unclear whether ARM and AMD processors are also affected by Meltdown._

 _Which systems are affected by Spectre?_

Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers,
as well as Smartphones. More specifically, _all modern processors capable of
keeping many instructions in flight are potentially vulnerable_. In
particular, _we have verified Spectre on Intel, AMD, and ARM processors_.

 _Which cloud providers are affected by Meltdown?_

Cloud providers which use Intel CPUs and Xen PV as virtualization without
having patches applied. Furthermore, cloud providers without real hardware
virtualization, relying on containers that share one kernel, such as Docker,
LXC, or OpenVZ are affected.

 _Why is it called Meltdown?_

The bug basically melts security boundaries which are normally enforced by the
hardware.

 _Why is it called Spectre?_

The name is based on the root cause, speculative execution. _As it is not easy
to fix, it will haunt us for quite some time._

[1]
[https://lwn.net/SubscriberLink/742702/e23889188fce9f7f/](https://lwn.net/SubscriberLink/742702/e23889188fce9f7f/)

~~~
arca_vorago
I don't see user-mode linux, QEMU, or KVM on that list, or am I mistaken an
they are affected as well(so maybe some amd users are safe?). Another reason I
advocate every spinup should have FDE by default with a ssh key entry shimmy
at initram, or is this runtime cpu acccess so it gets anything live? If so
that's scary.

------
neom
I understand this "isn't the point" etc - for curiosity sake: How practical
are these exploits? From my reading, it seems using them in an attack against
a sophisticated target is incredibly difficult, and against an unsophisticated
target is still probably prohibitively difficult? I'm not an engineer so
please pardon the ignorance.

~~~
pjc50
A nice little gif from twitter:
[https://twitter.com/misc0110/status/948706387491786752](https://twitter.com/misc0110/status/948706387491786752)

User typing into a "secure" Linux (edit: was MacOS - can we do strikethrough
here?) password dialog while another process steals the data.

The _first_ attack was incredibly difficult, but once there's a proof of
concept, copies will proliferate.

~~~
arianvanp
That's Gnome, not MacOS ;)

------
djaychela
Pleased to see a growing set of links at the bottom for the relevant
information for different OSes, etc...

However, somewhat surprised that Ubuntu isn't present - done a fair bit of
searching today and have only found that the patches are in progress, which
I'm a bit surprised about given the disclosure timeline that appears to be in
place, and that SuSE and Red Hat seem to have patches in place and ready to
go?

* EDIT * - since posting this, there is now an Ubuntu link present, and an explanation that they were expecting disclosure on Jan 9th.

~~~
brightball
That is a little surprising. Definitely making me re-evaluate my choice of
local Linux.

~~~
RainaRelanah
This was supposed to release on January 9th, but Google pulled the trigger
earlier due to community members putting the pieces together and starting to
draw press attention. It isn't very fair to blame Ubuntu for being behind.

~~~
brightball
It’s not just that. I’ve been experimenting with different distros a lot this
year (Fedora, Mint and Ubuntu for committed stretches) and Fedora is the only
one where the machine didn’t regularly hang for some reason after a few days.
Was happening multiple times a day with Ubuntu and currently much less often
with Mint. Never happened at all with Fedora though.

Between that at Redhats promptness on this it’s just giving me more confidence
in that side of the house.

------
herodotus
Practical questions for ordinary users: as I understand it, a malicious actor
could inject Javascript into a web site which could read all my computers
memory. To read, for example, my bank credentials, would they have to be
sitting in memory at the time the malicious code was executed? Could I
mitigate this risk by, for example, quitting my browser and relaunching it
after visiting my bank? Or will my unencrypted password still potentially be
lingering somewhere in memory? Could vendors provide a "memory cleaner" that I
could use between web site visits?

~~~
schoen
Typical allocator free() calls don't actually overwrite the memory, meaning
that the data stays there until it happens to get overwritten by a future
process, which is an unpredictable event. When I was doing research on the
cold boot attacks I did a lot of "strings /dev/mem" and would notice stuff
related to things I was working on several days ago. As our cold boot paper
described, this could sometimes include things that you were doing even before
the computer was last rebooted.

There is a really nice paper on this particular topic

[https://benpfaff.org/papers/shredding.html/index.html](https://benpfaff.org/papers/shredding.html/index.html)

which describes some useful countermeasures which haven't been widely
implemented. If they had been, they could have somewhat reduced the impact of
opportunistic exploitation of memory disclosure vulnerabilities.

------
danso
Mostly OT, but is there an explanation for why the "Meltdown" vulnerability
was named specifically as such, I mean besides the term's meaning when it
comes to "melting" security barriers? Coincidentally, "meltdown" is currently
a very popular term to describe reactions/revelations re: a soon-to-be-
released politics book titled "Fire and Fury" [0]. I guess yet another example
of "Naming things" being one of the hard problems.

[0] [https://www.publishersweekly.com/pw/by-topic/industry-
news/p...](https://www.publishersweekly.com/pw/by-topic/industry-
news/publisher-news/article/75734-pre-orders-for-wolff-s-trump-book-skyrocket-
as-trump-has-twitter-meltdown.html)

~~~
scrollaway
[https://meltdownattack.com/](https://meltdownattack.com/)

> Why is it called Meltdown?

> The bug basically melts security boundaries which are normally enforced by
> the hardware.

~~~
contrarian_
Not a bug according to Intel.

------
saganus
I've been reading up a bit on these attacks and I was wondering if there are
any particular requirements to implement them in an arbitrary language?

For example, can you implement the attack with Java but without JNI? i.e. are
syscalls required to be able to leverage the exploit?

------
jerrac
Would cable modems or wireless routers be vulnerable? My router's
specification page does not list what CPU it uses. Haven't checked on my modem
yet.

~~~
Tloewald
Everything is vulnerable to Spectre.

~~~
juergbi
Not everything. In-order CPUs such as Cortex-A7 and Cortex-A53 are not
affected. Confirmed by Arm at [https://developer.arm.com/support/security-
update](https://developer.arm.com/support/security-update) "all other Arm
cores are NOT affected"

~~~
Tloewald
Doesn’t Spectre just require speculative fetching? In which case in order is
not sufficient as to guarantee immunity.

It’s Meltdown that relies on out of order execution.

[https://meltdownattack.com/meltdown.pdf](https://meltdownattack.com/meltdown.pdf)

[https://spectreattack.com/spectre.pdf](https://spectreattack.com/spectre.pdf)

------
chinathrow
From the Ubuntu wiki, it's clear that someone broke the coordinated release
date of January 9th. Does any one have more insights on why the news broke to
soon?

[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAn...](https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown)

~~~
Ajedi32
From what I recall, patches started showing up in the Linux Kernel, causing
lots of buzz and speculation among the security community.

People noticed that one patch was only being applied to Intel processors,
leading some tech blogs to speculate that only Intel processors were affected
by the bug, and that triggered a PR response from Intel. Then someone reverse-
engineered an exploit and posted about it on Twitter, and the cat was out of
the bag at that point, so they moved up the disclosure timeline.

~~~
baq
And it's a good thing they did that because a motivated black hat with the
correct skill set most likely did, too. Not to mention nation state cyber ops.

------
FrantaH
[https://meltdownattack.com/meltdown.pdf](https://meltdownattack.com/meltdown.pdf)
[https://eprint.iacr.org/2013/448.pdf](https://eprint.iacr.org/2013/448.pdf)

TLDR: Userland process' read access to Ring 0 memory will throw an exception
(n.b.: kernel mode memory is actually mapped into process' address space), but
before that the instruction reading the memory is actually executed and data
are cached. The process can use value of data as an address in userland for
another read instruction. Now the process just needs to check range of
possible addresses where the data was read from and see how long it takes
(using rdtsc) to access them - if it's quick, then we have a match.

Is that correct, or am I missing something? e: write changed to 2nd read

------
whitepoplar
How does this affect the end-user security of the apps we use every day, like
Gmail, Twitter, GitHub, Stripe, etc.?

~~~
godDLL
All your passwords, are belong to the Internet

------
Indolat
So far the possibility of JavaScript attacks looks the biggest concern for the
normal users. (Assuming that you don't install any software from fishy
sources, of course). And cloud service and virtualization service providers
are under the biggest threat.

------
sveme
If I understand it correctly (not entirely sure), an adversary needs to have
code running on a system to exploit either attack - would Javascript running
in a browser be in principle sufficient to be able to exploit this, or are
there some mitigations (sandboxes?) in place to prevent this from happening?

Edit: Okay, found this post from yesterday:
[https://blog.mozilla.org/security/2018/01/03/mitigations-
lan...](https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-
class-timing-attack/)

Thanks for the reply!

~~~
paulhodge
Yes javascript is sufficient.

I think Spectre is theoretically possible with just untrusted _data_ (not just
untrusted code).

It would need an existing trusted program that has a branch-predicting loop
like the one in the paper. The attacker would feed untrusted data into the
loop and then observe secrets through cache timing.

It's weird code, so it's probably unlikely an existing program would have it,
but it's not outside the realm of possibility. The attacker would also need a
high-precision way to measure the timing of the operation, which also might be
hard to find in an existing program, but not impossible.

Just something else to keep you awake at night!

~~~
kllrnohj
They need code execution to observe that cache timing, though, and they need
to prime the branch predictor and cache.

~~~
paulhodge
I think the branch predictor can be primed with well-crafted data? (start off
with a long series of 0s for X)

For the other aspects like getting the cache timing, that does seem harder. I
don't really know if it's feasible in practice.

------
hackermailman
The paper on this site is well written explaining the method of using ROP with
branch mispredict to load gadgets. Anybody interested in this, ROP, caches and
branch prediction/misprediction is all in the intro [1]book[2]course CSApp

[1][http://csapp.cs.cmu.edu/3e/labs.html](http://csapp.cs.cmu.edu/3e/labs.html)
[2][http://www.cs.cmu.edu/~213/schedule.html](http://www.cs.cmu.edu/~213/schedule.html)
(Youtube lectures)

------
xingwang
Just want to share an technical article about meltdown with things that isn't
covered in the white paper. [https://www.moesif.com/blog/technical/cpu-
arch/What-Is-The-A...](https://www.moesif.com/blog/technical/cpu-arch/What-Is-
The-Actual-Vulnerability-Behind-Meltdown/)

------
dcminter
Would a microcode update be possible to fix this? I assume not and that it's
fundamental to the speculative execution architecture, but haven't yet seen
anything that explicitly addresses the question. Presumably _if_ it is
possible then it would reduce any longer term financial consequences for Intel
of the problem.

------
dolguldur
Skimming the flush+reload paper I see how timing alone is enough to get e.g. a
private key if the underlying algorithms are known and prone to revealing what
they're working on.

Meltdown however seems to be able to arbitrarily read memory (at about ~500
kB/s).

How does this work that it can read from the cache?

------
akeck
Are the chips used by Intel Management Engines subject to these attacks as
well?

~~~
algorithmsRcool
Yes, but the two have nothing to do with each other.

------
caio1982
Does anyone know the amount of dollars involved in the bounty paid by Intel?

------
Kiro
Marked as dupe? Seriously?

------
mzzter
Other domain used to publish the same info:
[https://meltdownattack.com](https://meltdownattack.com)

------
dimillian
How would one exploit a Google Cloud physical machine for example? One would
still need to inject/patch a file to exploit processor right?

~~~
DevNullDevice
Meltdown doesn't _directly_ allow modification of code. However, a guest VM
could run userspace code that accesses ring 0 / kernel memory of the
hypervisor / physical machine.

This would mean that security certificates, passwords, etc of the hypervisor
could be exposed, which could then allow compromise.

~~~
levi_n
I would also assume this means exploits on a machine provisioned with multiple
VMs from different customers would allow a malicious customer to leak data
from another customer's VM located on the same machine.

------
sdenton4
Well, I'm feeling mighty good about my purchase of a 2011 intel Atom chip back
in the day... Now if only I knew which box it's in...

~~~
Symmetry
I wouldn't count on that to be enough. The Atom still speculatively issues and
begins execution on instructions past branches and a quick glance at the
pipeline[1] makes me think it can start on loads before the branch resolves,
the same way an ARM A8 can despite both being in order.

[1][https://www.anandtech.com/show/2493/11](https://www.anandtech.com/show/2493/11)

------
ArchReaper
Admins: why did you take this down? The previous submission didn't get any
attention and this had some good discussion.

------
Exuma
Which one did OSX partially protect against? Also, which one allows JS
execution to activate the attack?

~~~
paulhodge
I don’t know what the OSX protection was, but that’s probably Meltdown.
Meltdown = using native code to read kernel/system memory.

Spectre is the one that can be done with JS.

------
tzahola
The youtube video says:

"This video has been removed for violating YouTube's policy on spam, deceptive
practices, and scams."

LOL!

