Vinay Gupta recently gave a video interview in which he questioned the security of Intel processors. Gupta said that since various NSA-related leaks show that large tech companies allow the U.S. government to place spy capabilities on their hardware, it's not a stretch to guess that popular processors are at least vulnerable.
A Forbes publication has just confirmed Gupta's suspicions. Forbes writer Bruce Upbin, reporting on a new Cornell University Library study, writes:
“Any computer running a late-model Intel microprocessor and a Web browser using HTML5 (i.e., 80% of all PCs in the world) is vulnerable to this attack.”
The attack, which requires no physical access or proximity to the victim's computer, takes place when the victim unknowingly visits an attacker's website. The website deploys software inside the computer that “manipulates how data moves in and out of a victim PC’s cache, which is the part of the CPU that serves as the intermediary between the high-speed central processor and the lower-speed random access memory or RAM.”
The malicious software then begins to record the time that it takes for the victim's computer to run various operations in its cache memory. These recordings can then be examined to gather “an accurate picture about a user’s browser history, keystrokes and mouse movements.”
To put this threat into perspective, here's a merely partial list of the PC manufacturers who use Intel processors:
- Hewlett-Packard (HP)
- Acer
- Dell
- Lenovo
- Toshiba
- IBM
(It's unclear whether Apple computers, which have used Intel processors since 2006, qualify as “PCs” in the report.)
Can anything be done in the short term? Further citing Cornell's research, Upbin writes that there are at least two ways to thwart this kind of attack:
“One would be to restrict access to the high-resolution timer to only those applications that gain the user’s consent by displaying a confirmation pop-up dialog box [...] Another way would be to use separate Javascript software that would analyze how memory is being accessed to spot telltale spying behavior.”
But what about the long term? Will continued revelations about the vulnerabilities of closed-source hardware ultimately create a market for open-source hardware? And if so, how could consumers verify the fidelity of open-source hardware?
What do you think? Share in the comments below.
Did you enjoy this article? You may also be interested in reading these ones: