The discovery of the Meltdown and Spectre security vulnerabilities earlier this in January revealed a shocking fundamental weakness in nearly every modern computer processor from Intel, AMD, and ARM chips. A Meltdown attack is capable of breaking the most fundamental isolation between the operating system and applications, thus allowing a program to access the memory of all the programs. A Spectre attack, on the other hand, breaks the isolation between applications. Such an attack is hard to mitigate.
A team of scientists from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) now says that it may have found a way to prevent attacks like Meltdown and Spectre, reports TechCrunch. The team says it works by splitting up memory so all the data is not stored in the same place, or in its words, by using “secure way partitioning”.
When an application is need of memory, it requests the processor for a place to add it. But locating it is a slow process. So processors use a technique called “speculative execution” to run several sets of tasks simultaneously while it locates the right memory slot. Attacks like Meltdown and Spectre can exploit the same technique to allow an app to read sections of memory it’s not supposed to.
MIT’s proposed solution is called DAWG. It’s short for “Dynamically Allocated Way Guard”. It’s designed to work as a counterpoint to Intel’s Cache Allocation Technology (CAT), explains TechCrunch. DAWG works in a similar way as CAT but doesn’t require many changes to the device’s operating system. This makes DAWG easy to install and implement on affected computers.
This new technology could potentially save not just regular computers but large infrastructures as well. The team believes that if its technology is later incorporated by chipmakers like Intel and AMD, DAWG could “restore our confidence in public cloud infrastructure, and hardware and software co-design will help minimize performance overheads.” Click here to read more about the Meltdown and Spectre vulnerabilities.