You'd be forgiven if the disclosure of an Intel chip vulnerability a couple of days ago slipped under your radar. On the one hand, the new problems are variants of the much more eye-catching Spectre and Meltdown vulnerabilities of early 2018. On the other hand, Intel and the entire industry had time to work together to jointly announce these new vulnerabilities along with the patches for them.
The new vulnerabilities are built into Intel hardware and have several names. ZombieLoad, Fallout, and RIDL are the catchy ones; the more technical name is Microarchitectural Data Sampling (MDS). Before we go any further, you'll probably want to know what to do about it.
The way you should respond to MDS is probably what you expect: update your operating system when prompted and also make sure your browser is up to date, since it can be a vector for these new attacks. Only devices that run on Intel chips are affected (although that is all of them since 2011), so iOS devices and the vast majority of Android devices are safe. It must also be said that there have been no reported exploits that take advantage of these vulnerabilities in the wild.
Here are the MDS information pages of a group of large software vendors, all of which have already patched or will do so in the very near future:
Update your software. It is a simple solution, until, perhaps, it is not.
There is a complicated and potentially painful decision in store for people who fit a particular profile. Specifically, if you think you are more likely to be the target of a hack and you need to be able to push your processor to perform computationally intensive tasks, you will have to choose between a higher level of security and a performance hit.
At a very basic level, MDS takes advantage of an advanced processor feature called "speculative execution", as did Spectre and Meltdown. If you want a detailed and readable breakdown of how it works, Andy Greenberg at Wired has it covered. The important part for a layman to understand is that because MDS uses a different method from the previous vulnerabilities, it requires different protections.
Specifically, there is a feature in Intel processors called "hyper-threading" that allows the processor to do multiple things at once. Along with software patches, protecting yourself completely from MDS means disabling it, and for some users that will result in a significant impact on performance.
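On Linux, the kernel reports both halves of this trade-off (whether the software patch is active, and whether hyper-threading, which it calls SMT, still leaves exposure) in one sysfs status line. The following is an added example, not part of the original article: it parses that line into a verdict. The helper names are hypothetical and the sample lines are constructed in the format the kernel documents.

```python
from pathlib import Path

# Linux sysfs file where the kernel reports MDS status.
MDS_FILE = Path("/sys/devices/system/cpu/vulnerabilities/mds")

# Constructed sample lines, in the format the kernel documents.
SAMPLES = [
    "Not affected",
    "Vulnerable: Clear CPU buffers attempted, no microcode",
    "Mitigation: Clear CPU buffers; SMT vulnerable",
    "Mitigation: Clear CPU buffers; SMT disabled",
    "Mitigation: Clear CPU buffers; SMT Host state unknown",
]


def parse_mds_status(line):
    """Split the status line into the patch state and the SMT clause."""
    head, _, smt = line.strip().partition(";")
    head, smt = head.strip(), smt.strip() or None
    if head == "Not affected":
        state = "not_affected"
    elif head.startswith("Mitigation"):
        state = "mitigated"
    else:  # "Vulnerable", with or without a reason after the colon
        state = "vulnerable"
    return {"state": state, "detail": head, "smt": smt}


def verdict(status):
    """Turn a parsed status into the decision the article describes."""
    if status["state"] == "not_affected":
        return "not affected"
    if status["state"] == "vulnerable":
        return "unpatched: update kernel and CPU microcode"
    if status["smt"] == "SMT vulnerable":
        return "patched, but hyper-threading still leaves sibling-thread exposure"
    if status["smt"] == "SMT Host state unknown":
        return "patched in this guest; hyper-threading is the host's decision"
    return "patched, no hyper-threading exposure reported"


if __name__ == "__main__":
    lines = SAMPLES
    if MDS_FILE.is_file():  # absent on non-Linux or older kernels
        lines = [MDS_FILE.read_text()] + SAMPLES
    for line in lines:
        print(f"{line.strip()!r} -> {verdict(parse_mds_status(line))}")
```

On the same systems, `/sys/devices/system/cpu/smt/control` shows whether hyper-threading is currently on, off or forced off.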
The trade-off here is one that is familiar to anyone working in computer security: perfect security is impossible, so it comes down to assessing your risk and the level of threat. Deciding whether disabling hyper-threading is worth the impact on performance is complicated, and therefore different companies are making different decisions.
Intel, as expected, has downplayed the performance impact, although even its own tests show a slowdown as large as 9 percent for consumer products and 19 percent on servers. Imposing a big performance hit across the board is not something technology companies are eager to do, so they have adopted different approaches.
Apple chose to leave hyper-threading enabled by default. Apple says that "customers with computers at higher risk or running unreliable software on their Mac" should turn it off, but that the impact on performance could be up to 40 percent.
Microsoft is a little more vague in its language on hyper-threading, but says that "it has seen some performance impact" and therefore "in some cases, mitigations are not enabled by default to allow users and administrators to assess the impact on performance and risk exposure before deciding to enable mitigations."
Apple provides instructions on how to disable hyper-threading, while Microsoft has a much more complicated hardware ecosystem and, therefore, has a much more complicated guide on how to do it.
Google made a different choice with Chrome OS: it's disabling hyper-threading by default. For the vast majority of tasks performed by users on a Chromebook, hyper-threading is not really relevant. For those who need it, there is a way to turn it on again.
Three cases, three different approaches. But what they all have in common is that these companies are making a decision that I'm sure none of them enjoy. They are choosing a security default and then telling users that they are on their own to decide whether it is a good idea to change it.
Will the people who really have to think about turning hyper-threading on or off really be prepared to make an informed decision about these security trade-offs? I tend to doubt it. But all these companies rightly felt that the performance impact was large enough that they should not take that decision away from consumers.
It's not a fun situation, nor will it improve soon. The reason that Spectre and Meltdown were so important was that they revealed a completely new method of compromising Intel hardware. That method can be applied in many different ways, and it is likely that MDS is not the last.
There is good news in all this: the coordinated disclosure of MDS is a good sign that security researchers, Intel and the main players in the technology community are working together to mitigate these risks. But because this is a flaw in Intel's hardware, there is no permanent fix until users buy new chips without the problem.
Until then, there will be more cycles of new vulnerabilities and fixes, and each will likely put the same difficult decisions in front of both technology companies and users. ZDNet pointed me to a post by Greg Kroah-Hartman, the maintainer of the stable branch of the Linux kernel. He said it better: "As I said before, a little over a year ago, Intel once again owes a lot of people a lot of drinks to correct their hardware errors, in our software."