Hacking into the software’s and leaking information cases have been on a rise lately. And recently, an Indian-origin researcher warned that billion of computers and other devices all around the world are at the risk again.
Computer Processors Are Open To Hackers Again
Back in 2018, scientists discovered a vulnerability called Spectre. Since the time it was discovered, some of the world’s most talented computer scientists and academicians worked on the software patches and hardware defences to protect the most vulnerable points in the software, without slowing the speed of the computer.
However, researches led by Ashish Venkat from the University of Virginia’s School of Engineering and Applied Science, UVA Engineering discovered that the computer processors are at the hackers’ mercy again.
They found a completely different way that the hackers use to exploit something called a “micro-op cache”. It controls the speed of the computer by simply storing the commands and allowing the processor to speculate the execution process.
ALSO READ:-Apple Comes Under Russian Hackers Attack; Demands $50 Million For Leaked Files
Micro-op caches have been built into Intel Computers that were manufactured since 2011. The team of researchers discovered that the hackers could steal the data when the process fetches the commands from the micro-op cache.
Venkat explained in a statement at hypothetical airport security when a TSA lets you in without checking your boarding pass, it would be fast and efficient but you will be checked at the gate anyway. Similar is the case with computer processors. It predicts the check of the pass and inserts the instructions into the processor.
In case the prediction is incorrect, it will remove the instructions from the processor. But if it gets too late, there are chances by the time the hacker has already accessed the instructions and inferred secrets like passwords.
Researchers Warn Against Two Variants of the Attacks
Venkat’s team said that the current defences for Spectre come at a later stage of speculative execution which may not be very useful. He warned against two variants of attacks for the Intel and AMD processors.
He informed that Intel’s suggest defence against Spectre is called LFENCE which places sensitive codes in the waiting area until the checks are being done. And once the checks are done and approved then only the sensitive codes are allowed to execute.
But the walls in the waiting areas are too think which also lets the attackers exploit. Hackers can use the micro-op cache as a covert chanel. However, this newly discovered vulnerability will be much harder to fix than the previous one.
This newly discovered vulnerability will be much harder to fix.
