Sign In

Communications of the ACM

ACM TechNews

Intel Flaw Lets Hackers Siphon Secrets From Millions of PCs


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A submarine, a metaphor for having to dive deeply into the workings of Intel's microscopic hardware to find the vulnerabilities.

An international coalition of security researchers working with Intel have identified a new form of hackable vulnerability in Intel chips which could permit the theft of sensitive data from central processing units.

Credit: Tricia Hipps

Intel and an international coalition of security researchers have identified a new form of hackable vulnerability in Intel's chips which could result in the theft of sensitive data from central processing units (CPUs).

The new set of Microarchitectural Data Sampling (MDS) attacks exploit security flaws in the speculative execution process, in which a chip guesses which operations and data it will be asked to carry out beforehand, to expedite performance.

The researchers determined speculative execution could be used to fool processors into capturing sensitive data en route between chip components, by concentrating on buffers positioned between components.

The malicious code can leak data the processor has grabbed from the buffer through the chip's cache, which when repeated millions of times successively would enable attackers to siphon streams of all the data the CPU accesses in real time.

Intel said it has issued patches for both hardware and software since its own researchers found the MDS bugs last year.

From Wired
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found