Nor-Tech’s Fixes for the Meltdown and Spectre Hardware Exploits
As you may know, two significant hardware exploits—Meltdown and Spectre– were announced this week. Security researchers and academic institutions discovered a series of far-ranging security risks involving speculative execution, which is central to high-performance execution on today’s CPUs. As a result, nearly every high-performance CPU that has been produced in the last two decades is vulnerable to one or more exploits.
We don’t know to what degree the patches will impact performance on straight computation. The good news is that clusters don’t have a lot of virtualized systems. Compute nodes are on a separate network behind the head node’s firewall. Because the compute nodes have minimal exposure to the internet, some organizations may not patch their environment. This translates to minimal risk. However, the performance benefit may outweigh the risk factor for some organizations.
Software patches will be released soon. There are a lot of unknown issues so further patches are sure to follow. Firmware updates may be released sometime in the following weeks or months. We hope to have more to report in the near future when Intel announces the best course of action. Our Intel contacts have been working hard to address the situation and are updating us at regular intervals.
Intel has been aware of the exploits for months and has been working behind the scenes with operating system providers to resolve the issue. However they chose not to make an official announcement about the exploits to everyone else, including Nor-Tech, until Jan. 3 when the information had already become public.
Nor-Tech’s engineering team is always available to assure continuity of our clients’ operations and this situation is no different. We will update this as we learn more from our hardware and operating system vendors. Please do not hesitate to contact us for the latest news and to learn what can be done to implement updates and any other fixes that are available.
Following is a summary of information on the two exploits from: https://www.anandtech.com/show/12214/understanding-meltdown-and-spectre
The immediate concern is the Meltdown exploit, which primarily affects Intel’s CPUs, but also affects some ARM CPU designs. With Meltdown, it is possible for malicious code to abuse Intel and ARM’s speculative execution implementations to get the processor to leak information from other processes. As a result, Meltdown can be used to spy on other processes and leak information that should be restricted to the kernel, other programs, or other virtual machines.
Meanwhile a second class of attacks, Spectre, puts an even greater number of processors at risk. Every high-performance processor ever made – Intel, AMD, ARM, and POWER – may be vulnerable. Like Meltdown, a Spectre attack abuses speculative execution in order to mine information that should be restricted. Spectre is much more insidious than Meltdown. Spectre poses a fundamental risk of speculative execution that can now be weaponized.
Contact us for more info: firstname.lastname@example.org or call 952-808-1000; toll free: 877-808-1005. You can Live Chat from our website during business hours.