Tech analysts might woefully look back on 2018 as the year of computer chip flaws. That’s because two vulnerabilities known as Spectre and Meltdown allowed potential infiltrators to read sensitive Intel chip data such as passwords.
The weaknesses related to a process called speculative execution, which is the way computers try to guess users’ next actions.
Those issues affected most modern computers. The chipmaker responded by providing software patches. However, analysts say they don’t always work with other kinds of software and could cause system performance declines of up to ten percent.
But, Spectre and Meltdown are not the only Intel chip flaws to mar the tech landscape in 2018.
Researchers uncovered another that’s even more severe. They named it Foreshadow.
How Does It Work?
All Intel chips have a feature called Software Guard Extensions or SGX. It permits programs to establish cordoned-off areas on Intel processors intended for running code that’s not alterable or even accessible by a computer’s operating system. Usually, that enclave acts as a safe place for sensitive data because malware or other issues hindering the main computer system can’t affect it.
Unfortunately, the cybersecurity experts that uncovered the Foreshadow flaw say even though SGX generally isn’t vulnerable to Meltdown and Spectre attacks, Foreshadow incidences could affect it.
Speculative Execution Could Give Hackers Clues
As mentioned earlier, speculative execution is a process that helps computing systems predict what users will do. It makes them run more efficiently because correct predictions speed up workflows but incorrect guesses get scrapped. But, that process leaves behind clues hackers could use to learn details about system weaknesses, and later, exploit them. They could even get passwords through a computer’s browser.
Many of today’s popular tech devices — such as the newest wearables — have capabilities like voice-based security that verify users are who they say they are by confirming unique factors associated with their speech. Since this security flaw relates to a computer component deep within the system, keeping individuals safe isn’t so straightforward.
People who store their data in the cloud should have less to worry about compared to those who primarily use on-premise devices for it. One of the advantages of data storage in a secure, private cloud is that customers get ongoing software updates from their providers. Intel and other affected companies fixed the Spectre and Meltdown issues with software patches and did the same for this more recent issue.
The Issue Affects Cryptographic Signatures, Too
The research team responsible for uncovering Foreshadow mention that, during their investigations, they decided to pinpoint SGX as a possible point of attack. After all, they said there were not many parts of the chip that Spectre and Meltdown didn’t affect. Since SGX was one of the few features spared by those earlier problems, the experts turned their attention to it.
Besides the revelation that Foreshadow could impact material ordinarily protected by the SGX feature, the researchers realized the flaw could expose attestation keys — which use cryptography to enable SGX integrity checks.
Specifically, a cryptographic key held by Intel signs an enclave’s contents. Then, an outside system could check the legitimacy of an enclave by reviewing its signature. Foreshadow exposed those keys to unauthorized parties, but that’s not even the worst of it.
SGX has a built-in privacy feature called group signatures. It assures anonymity by preventing the possibility of identifying particular enclaves through their signatures. But, researchers learned compromised attestation keys could be manipulated and create SGX signatures that look legitimate but aren’t.
A Widespread Problem
Foreshadow could reportedly affect all Intel hardware made after 2015. Experts say Intel must thoroughly deal with these known issues, especially because Foreshadow could eliminate the isolation between virtual machines — which cloud computing companies frequently use to let customers access their infrastructure. It could also be problematic for hypervisors, which assist with virtual machine management.
Leading cloud providers, including Google and Amazon Web Services, indicate they’ve taken steps to ensure the issue won’t affect their systems.
Also, Intel maintains it is not aware of Foreshadow being used in real-world environments, just research labs. Investors weren’t impressed, though. The company’s share prices fell nearly one percent following the news.
The company posted a list of affected hardware on its website, plus information about the necessary patch. It refers to Foreshadow as an L1 Terminal Fault. Another piece of documentation from Intel assures that the majority of computer users won’t experience reduced performance with the patch in place.
The Patch May Not Work in Every Circumstance
The researchers recognized Intel for its work in making a patch available so quickly. And, they ran their code with the fix in place and confirmed the remedy worked. They caution that it’s impossible to know whether it’ll perform as expected in every case against every kind of Foreshadow attack.
As such, this is a reminder for individuals and organizations to implement updated security practices. They should especially do so when running traditional virtualization technologies. After all, even though Foreshadow is a highly advanced exploitation not likely to get widely utilized, proactiveness is always preferable to reactivity.
Written by Kayla Matthews, Productivity Bytes.