Meltdown: Why Is This A Big Problem?

Posted in Cybersecurity Shorts
Tagged vulnerabiliity

Author

Volodymyr Bachynsky (CyberDef)

Cybersecurity Expert | Security Researcher | Ethical Hacker | Top 1% THM

Meltdown is a type of system vulnerability. And this is a serious security issue. So, almost all computers with a microprocessor inside are vulnerable to this threat. What is Meltdown? Why is this a problem? Is it possible to fight this? About this – read below.

What is Meltdown?

Meltdown is a computer vulnerability related to operating systems (such as Windows, Android, macOS, iOS, and Linux). Namely, we are talking about the deterioration of operating systems and a decrease in their performance. And it would not be so dangerous if this problem turned out to be local. However, the severity of the situation is that Meltdown affects any computer with an Intel x86 processor or ARM microprocessors. You may be surprised, but this threat is not new. It has existed in Intel chips for over 20 years.

So what is it, in terms of Meltdown details? To understand how this threat works, you first need to know how the operating system kernel works. The core in modern systems is a kind of bridge through which hardware and software interact with each other. This bridge, the intermediary, is necessary to efficiently allocate CPU and memory power to run applications. We can use a beautiful metaphor: the kernel is the heart of the operating system, a very sensitive and important element.

How does it work?

So, let’s imagine that we want to increase the performance of the system. For this, there is the so-called speculative execution of computer systems. This is a method that allows the processor to perform a task before it is determined to be necessary. What is it for? Speculative execution helps to prevent delays that occur if we know exactly how much processor power is needed. In general, this method was effective until several researchers found out that there was one drawback of the hardware.

And this drawback is connected with speculative execution. By default, only privileged applications have access to the kernel. But fraudsters can perform a side-channel attack and thus gain access to the core and its activity. In this case, the victim will not see the actions of the attackers. As a result, scammers get confidential data, your logins, passwords, in general – any information that you store on your computer. But there’s something to reassure us: Meltdown is a read-only problem, so an attacker won’t destroy your computer. But that doesn’t detract from the huge security problems that Meltdown poses.

What security issues does it create?

Of course, the information that the kernel processes is always protected as reliably as possible. However, researchers from the Graz University of Technology point out that such protection has gaps. Again, this is a matter of speculative execution. Before outputting the results, the speculative execution algorithm stores them in memory that is allocated to the system processor. The hacker can run code fragments to the processor and this will allow you to find out if the information is stored in the cache for the time it takes the processor to respond. That is the hacker gains access to confidential data. So, experts say that all processors released after 1995 are under this threat. We can imagine the number of processors affected by the Meltdown threat.

How to protect yourself from Meltdown?

You have noticed that for all vulnerabilities there is at least one method of protection. It is very simple – it is a system update in the shortest possible time. Therefore, companies that manufacture microprocessors are constantly working on how to improve the system and fix vulnerabilities. So, Microsoft, Intel, Apple, and ARM are currently working on Meltdown protection. In addition, Intel intends to release Meltdown protection updates for Dell and HP, as well as for processors manufactured within the last 5 years, soon. However, even the Meltdown protection options draw a flurry of criticism. So, let’s analyze what these fixes are criticized for.

Problem: system slowdown due to Meltdown

Indeed, the steps taken by major microprocessor companies in an attempt to protect against Meltdown are very effective. However, computer users faced new problems in doing so. The biggest one is performance degradation. Changes to memory handling to bypass Meltdown drains processor resources and slows down the system. For consumers using Skylake or Kaby Lake microprocessors, these changes will not be noticeable. But Windows 10 users with older processors will certainly experience a performance hit. This will be all the more noticeable if you were using Windows 7 or 8.

What solutions do manufacturers offer companies to solve the problem? There is no answer to this challenge yet. Microsoft, for example, admits that for now, users are forced to choose: either performance and vulnerability due to Meltdown, or vice versa. So there is still a lot of work to do to protect against Meltdown without compromising system performance. However, cross-chip tests have shown that the updated Intel i7-6700 microprocessor running Ubuntu 16.04 allows the kernel and applications to communicate much more slowly. Experts have concluded that performance drops on large websites, search engines and cloud providers.

What conclusions can we draw about Meltdown?

However, everything is not so bad: in most cases, Meltdown does not threaten us, because there are many fixes and firmware updates. This means that companies have done a really good job on this challenge since Meltdown was discovered. But the hardware industry still rebukes companies: why has this problem existed for so long? And, yes, many talented IT specialists work with security challenges, but there are no less talented hackers too. So you need to keep your finger on the pulse.

A serious problem that worries users is the drop in performance in microprocessors that have been upgraded. And while we understand that a slight performance hit is a lesser evil than a security risk due to Meltdown, users are still unnerved by this performance issue. And yet the conclusion is clear: the security of your system should come first. After all, it is about protecting your privacy. And immediate fixes for vulnerabilities can be flawed. However, making immediate improvements is still better than being threatened by Meltdown.

Summary: Meltdown is a security vulnerability that affects modern computer processors and allows an attacker to access sensitive information, such as passwords, from the memory of a computer system. The vulnerability is caused by a design flaw in certain types of processors and affects a wide range of devices, including computers, smartphones, and cloud servers. Meltdown can be exploited through malicious software that is designed to take advantage of the vulnerability, potentially allowing an attacker to access sensitive information without the user’s knowledge. To protect against Meltdown and similar vulnerabilities, it is important to keep systems and software up to date with the latest security patches and to use antivirus software to detect and prevent the installation of malicious software.

#vulnerability #meltdown

Related posts

How To Protect Backup Data?
Trojan Horse: How To Deal With This Virus?