Researchers Claim to Find New Solution to Spectre, Meltdown


Credit: Jaiz Anuar/Shutterstock

Spectre and Meltdown shook many PC enthusiasts when they came to light. They were essentially the first speculative execution flaws to attract global attention, and because they affected processors from Intel and AMD to varying degrees, the internet was awash with concern for several months. Eventually, researchers discovered more and more speculative execution flaws. But now researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) believe they've found a way to prevent these attacks.

The researchers call their solution Dynamically Allocated Way Guard (DAWG) and revealed it in a recent paper. This name stands in opposition to Intel's Cache Allocation Technology (CAT), and DAWG is said to prevent attackers from accessing ostensibly secure information by exploiting flaws in the speculative execution process. Best of all, DAWG is said to require very few resources that CAT isn't already using and can be enabled with operating system changes instead of requiring the in-silicon fixes many thought were needed to address the flaws.

The side-channel attacks revealed earlier this year essentially work by compromising data from memory when the CPU is deciding where it should go. This would in turn allow attackers to gather passwords, encryption keys and other data they could then use to gain full access to a targeted system. The attacks varied in the vulnerabilities they leveraged and the way they could be addressed. Meltdown required operating system and firmware updates. Spectre was thought to require changes to CPU architectures, but CSAIL said DAWG blocks Spectre attacks by itself.

Here's how the researchers summarized their approach with DAWG:

"Unlike existing mechanisms such as CAT, DAWG disallows hits across protection domains. This affects hit paths and cache coherence, and DAWG handles these issues with minimal modification to modern operating systems, while reducing the attack surface of operating systems to a small set of annotated sections where data moves across protection domains, or where domains are resized/reallocated. Only in these handful of routines, DAWG protection is relaxed, and other defensive mechanisms such as speculation fences are applied as needed."
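The contrast drawn in the summary above between CAT and DAWG, as an added example that is not from the article or the DAWG paper: a toy model of one cache set split between two protection domains, where the CAT-like mode restricts only fills and the DAWG-like mode also restricts hits. The class and function names, the four-way set, the way masks and the LRU replacement are assumptions made for illustration.

```python
# Toy model of one set of a set-associative cache shared by two protection
# domains. Simplified illustration only: way counts, masks and LRU policy are
# assumptions, not details taken from the DAWG paper.

class CacheSet:
    def __init__(self, n_ways, way_masks, isolate_hits):
        self.tags = [None] * n_ways          # tag held by each way
        self.last_used = [0] * n_ways        # timestamp for LRU replacement
        self.way_masks = way_masks           # domain -> set of ways it may fill
        self.isolate_hits = isolate_hits     # False: CAT-like, True: DAWG-like
        self.clock = 0

    def access(self, domain, tag):
        """Return True on a hit (fast access), False on a miss (slow access)."""
        self.clock += 1
        own = self.way_masks[domain]
        # CAT-like: any way may hit. DAWG-like: only the domain's own ways.
        searchable = own if self.isolate_hits else range(len(self.tags))
        for way in searchable:
            if self.tags[way] == tag:
                self.last_used[way] = self.clock
                return True
        # Miss: fill into the least recently used way the domain owns.
        victim = min(own, key=lambda w: self.last_used[w])
        self.tags[victim] = tag
        self.last_used[victim] = self.clock
        return False


def cross_domain_probe(isolate_hits):
    """Victim touches a secret-dependent line; observer then accesses both candidates.

    Returns the observer's hit/miss result for each candidate line.
    """
    masks = {"victim": {0, 1}, "observer": {2, 3}}   # constructed partition
    cache = CacheSet(4, masks, isolate_hits)
    cache.access("victim", "line_B")                 # secret selects line_B
    return {line: cache.access("observer", line) for line in ("line_A", "line_B")}


def victim_lines_survive(isolate_hits, n_fills=16):
    """Observer floods the set; check the victim's line is still resident."""
    masks = {"victim": {0, 1}, "observer": {2, 3}}
    cache = CacheSet(4, masks, isolate_hits)
    cache.access("victim", "line_B")
    for i in range(n_fills):
        cache.access("observer", f"junk_{i}")
    return cache.access("victim", "line_B")
```

In the CAT-like mode the observer's hit on `line_B` reveals which line the victim touched even though the fill partition holds; in the DAWG-like mode both accesses miss, so the observer's timing no longer depends on the victim's activity.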

CSAIL warned that DAWG isn't a perfect solution for all side-channel attacks. The researchers believe it will defend against Spectre Variant 1 and 2 as well as other vulnerabilities that rely on similar techniques (they're also planning to continue training DAWG to bark at...erm, defend against other attacks like these). If they're right and their solution is widely adopted, Spectre's impact could be significantly reduced without requiring people to buy new processors or sacrifice too much performance in exchange for security, as many (somewhat incorrectly) feared.

Comment from the forums
  • Peter Martin
    oh, praying this is implemented and works.... get rid of all the stuttering in games and stuff
  • hannibal
    This would be good news. But if this is implemented via os update. You need quite new os like win10, ios12 and so on and of course the os can be compromised to bypass the DAWG and then the hardware, firmware and so on solutions are the last line of the defense.
  • derekullo
    Yo Dawg we heard you had some trouble with your code.

    So we added some code to yo code so yo code no longer in a state of trippin'