Spectre attacks come back from the dead

Spectre is the name for a whole class of vulnerabilities discovered in January 2018 that affected huge numbers of modern computer processors that rely on a performance feature called speculative execution. Since then, some of the world’s most talented computer scientists from industry and academia have worked on software patches and hardware defenses.

Now it seems they may have to do it all over again.

New research has discovered Spectre attacks that bypass existing mitigations. Before we explain that though, let’s recap what Spectre is all about.

Speculative execution?

Speculative execution happens when a computer processor does some work it might need later, instead of waiting until it knows it definitely needs it. What emerged in 2018 is that speculative execution opens the possibility of side-channel attacks. Spectre-based attacks trick a program into accessing arbitrary locations in its own memory space. As a result, an attacker may be able to read the content of the accessed memory, and thus potentially obtain sensitive data.

Or, as the researchers put it:

A Spectre attack tricks the processor into executing instructions along the wrong path. Even though the processor recovers and correctly completes its task, hackers can access confidential data while the processor is heading the wrong way.

Speculative execution can be compared to a reverse firing squad: One person has the gun and all the potential victims are lined up opposite. For the potential victims there is no way of knowing who will get executed first. But the person holding the gun may have one in mind.
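To make the "wrong path" concrete, here is the bounds-check pattern associated with the original 2018 Spectre variant 1, next to an index-masked form. This is an added example, not code from the article or the researchers. The names `table`, `read_unhardened`, `read_masked` and `index_mask` are hypothetical, and the masking follows the idea behind the Linux kernel's `array_index_nospec()`.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 16u

/* Constructed sample data standing in for an array next to sensitive memory. */
static const uint8_t table[TABLE_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};

/* Pattern to audit for: the check is architecturally correct, but the CPU may
 * predict it as taken and run the load with an out-of-range idx before the
 * comparison resolves. The loaded byte leaks if later code uses it to pick
 * another memory address, which leaves a measurable cache footprint. */
uint8_t read_unhardened(size_t idx)
{
    if (idx < TABLE_LEN)
        return table[idx];
    return 0;
}

/* Branch-free mask: all ones when idx < len, zero otherwise.
 * Assumes len <= SIZE_MAX / 2. */
size_t index_mask(size_t idx, size_t len)
{
    size_t x = idx | (len - 1 - idx);   /* top bit set iff idx >= len */
    return (size_t)0 - (~x >> (sizeof(size_t) * CHAR_BIT - 1));
}

/* Hardened form: the index is clamped by data flow rather than by the branch,
 * so a mispredicted path can only read table[0]. Plain C can be reshaped by
 * the optimizer; production code uses a compiler or kernel helper instead. */
uint8_t read_masked(size_t idx)
{
    if (idx < TABLE_LEN) {
        idx &= index_mask(idx, TABLE_LEN);
        return table[idx];
    }
    return 0;
}

int main(void)
{
    printf("in range: %u, out of range: %u\n",
           (unsigned)read_masked(5), (unsigned)read_masked(1000));
    return 0;
}
```

Both functions return the same values architecturally; the difference is only in what a mispredicted branch is able to load.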

Exploiting changes of heart

The researchers behind the latest discovery, a team of computer scientists from the University of Virginia and the University of California, San Di ..