An Intel security issue building behind the scenes for weeks has bubbled to the surface, and could lead to performance hits on Macs, Windows PCs, and Linux devices. While operating system vendors work on significant changes to their software, Intel released a statement to Axios on Wednesday saying the problem isn’t limited to its processors.
While Intel didn’t specifically throw ARM or AMD processors under the bus, the company did say, “many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.”
Intel also said:
AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits.
The story that emerged late Tuesday was that security researchers have found problems with the way control of an Intel processor is handed off between apps and an operating system’s kernel. This problem could allow malicious hackers to take control of your Mac, PC, or Linux box.
If Intel is right, the issue could also apply to iPhones, iPads, Android devices, and [all of the things]. The actual exploit hasn’t been publicly released yet, and I haven’t seen independent corroboration of Intel’s claims, but I don’t doubt the company.
The issue does, at least, affect Intel processors released over the last 10 years, which effectively covers almost every computer that’s actually used.
Ars Technica has an excellent breakdown of the technical issues involved in this problem.
To work around this problem, operating system vendors are having to recode parts of the kernel. The solution so far involves changes that will impose a performance hit on our devices, simply because the workaround is less efficient than how these operating systems currently work.
Intel said in its statement that concerns about a performance hit are overblown, saying:
Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.
There’s some truth in that—few computers are running balls-out, meaning there’s some headroom for most computers doing most things.
Still, this bites. Hard.
Apple hasn’t yet commented on the problem, but is believed to have been working on a solution. Microsoft is planning an update for the problem, and the Linux community has been very hard at work, too.
In fact, let’s take a peek at something from The Register, which broke the story:
The fix is to separate the kernel’s memory completely from user processes using what’s called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.
That sounds about right.