Why Does Intel Keep Having Security Problems?

Alex Alex 30 June 2020
Why Does Intel Keep Having Security Problems?

In the never ending CPU wars between AMD and Intel, a lot of enthusiasts understandably focus on which of the latest offerings from team red or team blue will give them the best bang for the buck for gaming, streaming and content creation. In other words, it's all about performance, but there's another aspect that's much less discussed, security. And if you've been following the CPU headlines for the last little while, you've probably seen plenty of stories about new vulnerabilities that keep coming out which affect Intel CPUs in particular. So why exactly are they having so many issues?

Well, a while ago we did an article on the Spectre and Meltdown vulnerabilities. But remember that while Spectre affected both Intel and AMD chips and even some Qualcomm ones, Meltdown was basically an Intel only problem. This was because of certain architectural flaws in the way that the CPU cache on an Intel processor is set up.

The cache is basically a small amount of very high speed memory built right into the CPU die. That allows it to access information that it needs frequently very quickly.

Now Intel did issue some patches to mitigate how vulnerable its chips were to Meltdown. But since it's really a Silicon level bug. It's difficult for Intel to fully fix the problem without redesigning the chips fundamental architecture. And this has meant that variations of Meltdown have been discovered that also attack cache vulnerabilities.

One such example is a recent bug affecting an Intel chip feature called Software Guard Extension or SGX. This is a part of the processor that encrypts and stores super sensitive information such as encryption keys. So that even if the operating system is compromised in some way, the systems most sensitive data should still be protected, if a program is coded to use SGX. And surprisingly, this makes the SGX a pretty attractive target for attackers. And recently a bug was discovered that can decrypt and read the sensitive data inside by using timing attacks. Similar to how the original Meltdown vulnerability works.

Indeed, this new bug called SGAxe is based on a weakness called CacheOut, which is related to and inspired by Meltdown, according to researchers who discovered both bugs. However, CacheOut actively bypasses the software fixes that Intel issued, highlighting a huge problem that Intel is facing with trying to shutdown these Meltdown derivatives. I mean, you can patch one leak, but then another one springs up somewhere else. And you're like, you know, "where do these moles keep coming from?"

However, there is some good news in all of this. First of all, we've known about Meltdown and Spectre for well over two years. But there haven't been any major pieces of malware that managed to exploit them yet. In fact, some have criticized the often alarming headlines you see on Tech News sites. Whenever a new variation of these bugs is uncovered since although these attacks are theoretically possible. So far, they only really exist as proofs of concept as they're actually very difficult to pull off.

Remember that the headlines that you see about Spectre and Meltdown variants are there because researchers have discovered these flaws, not because they were actually used to rip off someone's banking information. Also Intel does seem to be giving more of a focus to hardware based security. Especially with the news that it's upcoming Tiger Lake CPUs will get a hardware solution called Control-flow Enforcement Technology to defend against common types of malware.

Of course, Intel has built hardware mitigation for Meltdown into some of its more recent chips already and yet security issues do keep getting discovered. Meaning the company might have to rethink its CPU architecture significantly before we get comprehensive protection against this class of attacks. But with these bugs, not yet having a major real world impact, you're probably fine carrying on with your shiny Intel chip. At least for now.

Comments (0)

    No comments yet

You must be logged in to comment.