News of the Spectre and Meltdown vulnerability families found in the silicon of most modern processors found in January has triggered the start of a terrible year for the semiconductor industry, particularly for Intel, which remains the most affected vendor and has been forced to release security patches that affect performance and that had an unfortunate tendency to jam systems. The MIT appears to be close to a final solution.
New versions have been created since the original versions were released: Spectre variant 4, variants 1.1 and 1.2, SpectreRSB and NetSpectre, which can be used remotely, to name just a few. While Intel’s latest CPUs include hardware protection against some variants, while others are based on microcode or software patches, a new protection technique from MIT researchers might solve the problem.
The research team’s work is based on Intel’s Cache Allocation Technology (CAT), which was introduced in 2016 to improve security but didn’t go far enough to avoid Spectre and Meltdown. The system, called DAWG, provides a method to completely isolate each thread of the program from the others and, more importantly, has minimal impact on performance over the CATm and requires only minor changes to the operating system.
While the DAWG promises protection against current and future Spectre and Meltdown attacks, it is not a cureshell, but the team warns that the system is not yet sufficiently developed to be protected against the full range of currently known attacks, even though it hopes to achieve this with future development.