• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

MIT Researches Find a New Way to Fix Spectre and Meltdown, Isolation Is Key

Joined
Sep 25, 2018
Messages
84 (0.04/day)
The Meltdown and Spectre vulnerabilities have been a real nightmare throughout this year. Those affected were quick (maybe too much) to mitigate the problems with different solutions, but months later even the most recent Intel chips aren't completely safe. Hardware fixes only work for certain Meltdown variants, while the rest are still mitigated with firmware and OS updates that have certain impact on performance.

Intel will have to redesign certain features on their future processors to finally forget Meltdown and Spectre, but meanwhile others have jumped to give some options. MIT researchers have developed a way to partition and isolate memory caches with 'protection domains'. Unlike Intel's Cache Allocation Technology (CAT), MIT's technology, called DAWG (Dynamically Allocated Way Guard) disallows hits across those protection domains. This is important, because attackers targeting this vulnerabilities take advantage of 'cache timing attacks' and can get access to sensible, private data.




Intel's public image was badly damaged not only by the discovery of these vulnerabilities, but also by data that appeared afterwards. The company released Coffee Lake knowing that it was vulnerable to Spectre and Meltdown, and Brian Krzanich sold $24 million of stocks in November 24th, weeks after Intel knew about those security issues (and kept them in secret). Microsoft initial solution was a disaster and Intel's one was called 'complete and utter garbage' by Linus Torvalds. AMD confirmed they were also affected, although not as much as Intel, and we've seen how new variants could be exploited too and put our data in danger. And on, and on, and on.


According to MIT researcher's paper (PDF), DAWG requires "minimal modifications to the underlying operating system", and they assure the performance overhead is "reasonable". Although it's not a silver bullet for all known attacks, they hope to expand this project to fix all Meltdown and Spectre variants.

View at TechPowerUp Main Site
 
Joined
Nov 3, 2007
Messages
1,700 (0.27/day)
How would a roll out of something like this work? Would MB vendors have to decide how to mitigate, Intel method vs MIT method? Then OS updates and bios updates already in the wild would have to either be retracted or validated to work in conjunction with DAWG?

Or would Intel have to accept MIT did it better, and then Intel embraces this and rolls it out as their own?
 
Joined
Oct 6, 2018
Messages
220 (0.10/day)
System Name SALTY
Processor A10-5800K
Motherboard A75
Cooling Air
Memory 10Gig DDR133
Video Card(s) HD 7660D
Storage HDD
Display(s) 4k HDR TV
Power Supply 320 Watt
How would a roll out of something like this work? Would MB vendors have to decide how to mitigate, Intel method vs MIT method? Then OS updates and bios updates already in the wild would have to either be retracted or validated to work in conjunction with DAWG?

Or would Intel have to accept MIT did it better, and then Intel embraces this and rolls it out as their own?

better to listen and learn rather than think we can do this our self, so even if you have the best minds in the world, it could just take someone to look at something with a different approach.
 
Joined
Sep 25, 2018
Messages
84 (0.04/day)
How would a roll out of something like this work? Would MB vendors have to decide how to mitigate, Intel method vs MIT method? Then OS updates and bios updates already in the wild would have to either be retracted or validated to work in conjunction with DAWG?

Or would Intel have to accept MIT did it better, and then Intel embraces this and rolls it out as their own?

If you take a look at the paper researchers mention both "minimal modifications to hardware" and "minimal modification to modern operating systems", so it seems Intel would have to implement those changes on their chips and then Microsoft, Apple, Linux and others would have to modify their OS to complete DAWG's implementation.
 
Joined
Sep 17, 2014
Messages
22,468 (6.03/day)
Location
The Washing Machine
Processor 7800X3D
Motherboard MSI MAG Mortar b650m wifi
Cooling Thermalright Peerless Assassin
Memory 32GB Corsair Vengeance 30CL6000
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s) Gigabyte G34QWC (3440x1440)
Case Lian Li A3 mATX White
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse Steelseries Aerox 5
Keyboard Lenovo Thinkpad Trackpoint II
Software W11 IoT Enterprise LTSC
Benchmark Scores Over 9000
How would a roll out of something like this work? Would MB vendors have to decide how to mitigate, Intel method vs MIT method? Then OS updates and bios updates already in the wild would have to either be retracted or validated to work in conjunction with DAWG?

Or would Intel have to accept MIT did it better, and then Intel embraces this and rolls it out as their own?

What you get is a task force of people from different companies meeting up and sharing work to reach a specified goal. That is how the rollouts have been done up to this point. Everyone benefits from a better solution here, media spin is secondary.
 
Joined
Aug 20, 2007
Messages
21,476 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
How would a roll out of something like this work? Would MB vendors have to decide how to mitigate, Intel method vs MIT method? Then OS updates and bios updates already in the wild would have to either be retracted or validated to work in conjunction with DAWG?

Or would Intel have to accept MIT did it better, and then Intel embraces this and rolls it out as their own?

It reads like a software solution to memory allocation. In which case, it'd be up to OS vendors (not microcode) to provide updates.

EDIT: oops, they mention hardware changes too. Looks like both will need to work together again...
 

HTC

Joined
Apr 1, 2008
Messages
4,664 (0.77/day)
Location
Portugal
System Name HTC's System
Processor Ryzen 5 5800X3D
Motherboard Asrock Taichi X370
Cooling NH-C14, with the AM4 mounting kit
Memory G.Skill Kit 16GB DDR4 F4 - 3200 C16D - 16 GTZB
Video Card(s) Sapphire Pulse 6600 8 GB
Storage 1 Samsung NVMe 960 EVO 250 GB + 1 3.5" Seagate IronWolf Pro 6TB 7200RPM 256MB SATA III
Display(s) LG 27UD58
Case Fractal Design Define R6 USB-C
Audio Device(s) Onboard
Power Supply Corsair TX 850M 80+ Gold
Mouse Razer Deathadder Elite
Software Ubuntu 20.04.6 LTS
Any word on Spectre and AMD, yet? Does this "fix" work the same way?
 
Joined
Feb 18, 2013
Messages
2,182 (0.51/day)
Location
Deez Nutz, bozo!
System Name Rainbow Puke Machine :D
Processor Intel Core i5-11400 (MCE enabled, PL removed)
Motherboard ASUS STRIX B560-G GAMING WIFI mATX
Cooling Corsair H60i RGB PRO XT AIO + HD120 RGB (x3) + SP120 RGB PRO (x3) + Commander PRO
Memory Corsair Vengeance RGB RT 2 x 8GB 3200MHz DDR4 C16
Video Card(s) Zotac RTX2060 Twin Fan 6GB GDDR6 (Stock)
Storage Corsair MP600 PRO 1TB M.2 PCIe Gen4 x4 SSD
Display(s) LG 29WK600-W Ultrawide 1080p IPS Monitor (primary display)
Case Corsair iCUE 220T RGB Airflow (White) w/Lighting Node CORE + Lighting Node PRO RGB LED Strips (x4).
Audio Device(s) ASUS ROG Supreme FX S1220A w/ Savitech SV3H712 AMP + Sonic Studio 3 suite
Power Supply Corsair RM750x 80 Plus Gold Fully Modular
Mouse Corsair M65 RGB FPS Gaming (White)
Keyboard Corsair K60 PRO RGB Mechanical w/ Cherry VIOLA Switches
Software Windows 11 Professional x64 (Update 23H2)
which is better? a cat or a dawg? xD
 
Top