MIT security experts discuss “Spectre” and “Meltdown” processor flaws

spectre/meltdown

Last week CSAIL hosted the second “Hot Topics in Computing” speaker series, a monthly forum where computing experts hold discussions with community members on various topics in the computer science field.

MIT professors Adam Belay, Srini Devadas and Joel Emer spoke on the topics of “Spectre” and “Meltdown,” two recent processor-related security flaws that have garnered major global attention. Moderated by MIT professor Sam Madden, the discussion focused on the weaknesses discovered on virtually all computer chips built in the last 20 years.

The vulnerabilities on these computer chips (and their variations) involve accessing information that was previously thought to be secure, by exploiting two methods called “speculative execution” and “caching.”

Speculative execution refers to when a computer chip tries to predict a set of commands in order to be more efficient, a common method that all processors use. Much of this data is often stored in the processors’ “cache”, where it can be detected by a user.

“Modern processors tend to predict where a given instruction will be executed,” says Emer. “It can then calculate or miscalculate the commands. When you’re executing miscalculated instructions, the machine has access to data that it wouldn’t normally have.”

To address some of the concerns regarding the variations of the these type of attacks, which are more about exposing, not corrupting data, Devadas described what a traditional “attack schema” of this kind looks like for an attacker.

He outlined the necessary steps to creating a “channel” to bridge the victim’s domain with the attackers, and detailed using a pre-existing transmitter associated with the algorithm running on a user’s code to access information.

Finally, Belay gave specific examples of the Spectre and Meltdown variations and explained how those variations play out.

During the question and answer portion,there was discussion related to strategies to interrupt the attacks, and what hardware and software improvements are necessary to prevent future attacks.