The flaw is similar to Spectre and affects Intel CPUs all the way back to the first generation of Core CPUs.
Go from OpenAPI-to-GraphQL in 2 minutes
Create GraphQL interfaces in minutes and build mobile or client apps quicker. Leverage free, open source IBM Code Patterns.
Click here to know more
Security researchers at Worcester Polytechnic Institute and the University of Lübeck have published a paper outlining a vulnerability on Intel processors. The vulnerability only affects Intel chips and not AMD or ARM chips. The vulnerability affects Intel chips all the way back to the first generation of Core CPUs. According to the researchers, the potential attack vector is similar to Spectre, but not subject to the same mitigations. Just to be clear, Spectre and Spoiler are 2 different attacks.
The vulnerability affects “Speculative execution”. According to Wikipedia, Speculative execution “is an optimization technique where a computer system performs some task that may not be needed. Work is done before it is known whether it is actually needed, so as to prevent a delay that would have to be incurred by doing the work after it is known that it is needed. If it turns out the work was not needed after all, most changes made by the work are reverted and the results are ignored. The objective is to provide more concurrency if extra resources are available. This approach is employed in a variety of areas, including branch prediction in pipelined processors, value prediction for exploiting value locality, prefetching memory and files, and optimistic concurrency control in database systems.”
The researchers say that how a PC’s memory works could be exploited by Spoiler. This could expose data from running programs. According the the researchers the only way to completely protect a system from Spoiler is by redesigning the silicon. This could be at the expense of overall performance. The researchers said, "There is no software mitigation that can completely erase this problem."
Intel was made aware of Spoiler in December. Intel told PC gamer, "Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe software development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research."
Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.
We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.