‘Unfixable’ PC problem
ALMOST every laptop and desktop computer is vulnerable to data leaking attacks due to problems with CPU processors which security researchers worry may be unfixable.
It’s been known for some time that many Intel processors are under threat from a flaw that exploits the way chips try to predict your next move so they can run faster.
Last year, details of “ZombieLoad” vulnerabilities emerged, showing data could “bleed” between apps and potentially be stolen by hackers.
Normally an app can only see its own data, but ZombieLoad attacks allow malicious apps to see data being stored on the processor.
It’s now been revealed Intel’s main rival, AMD, also has a similar problem with its chips, dating back as far as 2011.
AMD chips are found in fewer computers as Intel has been the dominant force in the market for many years.
But recent innovations from AMD have allowed their chips to run faster and use less power, helping it surge back to popularity.
Unfortunately, one of these innovations has opened the company’s chips to a new method of attack.
Researchers at Austria’s Graz University of Technology have detailed the flaw in a new research paper.
While the flaw affects some CPUs going all the way back to 2011, the researchers claim they are the first to exploit it.
The vulnerability relies on a similar prediction method that exposed Intel’s CPUs but leaked more information more quickly.
Put simply, the “cache” of your computer’s CPU functions a bit like short-term memory by keeping data you’ve just accessed or access often closer to the processor core where it can be reached faster.
Another technique called “speculative execution”, where a system performs a task it thinks might be necessary ahead of time, also opens the chips up to attack.
AMD has responded to the research but thinks there isn’t a problem.
“We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way,” the company said on its security portal.
“The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.”
AMD has advised customers to “mitigate” against the issue by keeping their operating system up to date and “utilising safe computer practices”, including running antivirus software.
The researchers told ZDNet the response from AMD was “rather misleading”.
They also accused AMD of failing to respond when the team reported the flaw in August last year.
The researchers also reported the attacks were still working on fully up-to-date systems.
While AMD thinks it’s already fixed its problem, another has been revealed targeting Intel’s chips.
Disturbingly, the new vulnerability, outlined in a blog post by UK technology security firm Positive Technologies, is located so early in the CPU’s “boot cycle” it can’t be fixed easily with a software patch.
It affects all but the newest Intel processors, going back five years.
At this stage there is little risk from the flaw. Positive Technologies reports that hackers would still need an “encrypted hardware key”, but the company warned it was only a matter of time before the keys were decoded and leaked and entire generations of processors used the same keys.
“When this happens, utter chaos will reign. Hardware IDs will be forged, digital content will be extracted, and data from encrypted hard disks will be decrypted,” Positive Technologies researcher Mark Ermolov said in the blog post.
Businesses are likely to be most threatened by the new flaws as they’re more likely to provide a bigger payment or more valuable data than targeting thousands of individual users.
But with almost every computer in the world relying on processors from either AMD or Intel, problems with either pose huge risks if the methods for exploiting them aren’t fixed and become widespread.