CPU Design Flaw


A fundamental design flaw in modern CPU chips has forced a significant redesign of the way the Linux and Windows kernels interact with hardware.
Named Meltdown and Spectre, these flaws affect all computer systems, both private computers and corporate systems, including those used in cloud infrastructures. Both of these design flaws could expose ultra-sensitive information. Meltdown is currently only present in Intel x86-64 processors, whilst Spectre touches all modern processors, whether they are AMD, Intel, or even ARM.

Meltdown breaks the isolation between the memory used by user-side applications and the memory used by the operating system. A malicious program could therefore gain access to hidden information such as passwords, keys and personal information contained in the memory used by the operating system.

Spectre breaks the isolation between different applications. More difficult to exploit, this vulnerability allows an attacker to trick any program into exposing the data stored in memory. For example, a malicious program loaded via a website could be used to recover the in-memory contents of your password manager or your Bitcoin wallet.

The fix for both issues requires patching at the kernel level of the operating system. Patches are available for common operating systems such as macOS, Linux and Windows. The workaround is to isolate the kernel's memory addressing and hardware addressing. Each system call and hardware interaction is separated from any memory interaction by forcing the processor to clear its cache much more often. This ensures the processor is able to reload information into the relevant memory areas independently. Unfortunately, this increases the kernel's workload, which will result in a performance degradation of 5% up to 30% in the worst case.
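
To confirm that the kernel-level fix is actually active on a Linux host, the added example below (not part of the original article) reads the per-flaw status files the Linux kernel exposes under /sys/devices/system/cpu/vulnerabilities and lists any flaw not reported as mitigated. The function names and the sample statuses used in demo() are constructed for illustration.

```python
import os
import tempfile

SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"  # Linux 4.15 and later
FLAWS = ("meltdown", "spectre_v1", "spectre_v2")
PREFIXES = (("Not affected", "not_affected"), ("Mitigation:", "mitigated"),
            ("Vulnerable", "vulnerable"))


def classify(status):
    """Map a kernel status line to a verdict string."""
    for prefix, verdict in PREFIXES:
        if status.strip().startswith(prefix):
            return verdict
    return "unknown"


def audit(directory=SYSFS_DIR):
    """Return {flaw: (verdict, raw_status)} for every flaw in FLAWS."""
    report = {}
    for flaw in FLAWS:
        try:
            with open(os.path.join(directory, flaw), encoding="utf-8") as fh:
                raw = fh.read().strip()
        except OSError:  # no status file: a fix cannot be confirmed
            raw = ""
        report[flaw] = (classify(raw), raw or "no status file")
    return report


def needs_action(report):
    """Flaws that are neither mitigated nor reported as not affecting this CPU."""
    return sorted(f for f, (v, _) in report.items() if v in ("vulnerable", "unknown"))


def demo():
    """Audit a constructed directory: Meltdown patched, Spectre not."""
    with tempfile.TemporaryDirectory() as d:
        samples = {"meltdown": "Mitigation: PTI\n", "spectre_v1": "Vulnerable\n"}
        for name, content in samples.items():  # spectre_v2 left missing on purpose
            with open(os.path.join(d, name), "w", encoding="utf-8") as fh:
                fh.write(content)
        return audit(d)


if __name__ == "__main__":
    result = audit() if os.path.isdir(SYSFS_DIR) else demo()
    for flaw, (verdict, raw) in result.items():
        print(f"{flaw:12} {verdict:13} {raw}")
    print("needs action:", needs_action(result) or "none")
```

A missing status file is reported as "unknown" rather than safe, so hosts running kernels too old to report their status still show up for follow-up.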

It is unclear at this stage what the impact will be. There is, however, every chance that the performance degradation will be significant, both for private home users and for corporate systems (including those in the cloud). As these vulnerabilities are related to a hardware design flaw, this will more than likely force a processor and kernel redesign in future processor technologies.