Intel Security Issue Engulfs Apple, Microsoft, Linux—Intel Claims Other Processors Also Affected

Slow Work Ahead - Intel Inside

An Intel security issue building behind the scenes for weeks has bubbled to the surface, and could lead to performance hits on Macs, Windows PCs, and Linux devices. While those companies work on significant changes to their operating systems, Intel released a statement to Axios on Wednesday saying the problem isn’t limited to its processors.

Slow Work Ahead - Intel Inside

While Intel didn’t specifically throw ARM or AMD processors under the bus, the company did say, “many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.”

Intel also said:

AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively. Intel has begun providing software and firmware updates to mitigate these exploits.

The Problem

The story that emerged late Tuesday was that security researchers have found problems with the way control of an Intel processor is handed off between apps and an operating system’s kernel. This problem could allow malicious hackers to take control of your Mac, PC, or Linux box.

If Intel is right, the issue could also apply to iPhones, iPads, Android devices, and [all of the things]. The actual exploit hasn’t been publicly released yet, and I haven’t seen independent corroboration of Intel’s claims, but don’t doubt the company.

The issue does, at least, affect Intel processors released over the last 10 years, which effectively covers almost every computer that’s actually used.

Ars Technica has an excellent breakdown of the technical issues involved in this problem.

The Solution

To work around this problem, operating system vendors are having to recode parts of the kernel. What’s seen as the solution so far means changes that will include a performance hit on our devices simply because the workaround is less efficient than how these operating systems currently work.

Intel said in its statement that concerns about a performance hit are overblown, saying:

Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.

There’s some truth in that—few computers are running balls-out, meaning there’s some headroom for most computers doing most things.

Still, this bites. hard.

Industry Reaction

Apple hasn’t yet commented on the problem, but is believed to have been working on a solution. Microsoft is planning an update for the problem, and the Linux community has been very hard at work, too.

In fact, let’s take a peek at something from The Register, which broke the story:

The fix is to separate the kernel’s memory completely from user processes using what’s called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.

That sounds about right.

7 thoughts on “Intel Security Issue Engulfs Apple, Microsoft, Linux—Intel Claims Other Processors Also Affected

  • The Reg story really only covers #Meltdown in detail, it wasn’t apparent on first reading that there was another #Spectre that’s more widespread, if it covers AMD and ARM its a pretty fundamental design flaw.

    Given that #Spectre is probably the bigger of the two issues, looks like my G5 Cube is going to get a new lease of life, even if its running BSD, apparently not vulnerable to this one, but there will be others….

    #Meltdown only affects Intel chips AFAIK, the place to look for definitive statements is CERT, here .

  • Wow, cloud service providers should be scrambling!!!

    Talk about potential for multiple large scale data breaches simultaneously , all areas ( private, public and government).

  • Thanks for the link to the Ars article. I’ve been hearing about this for a couple of days but nothing very high level.

    All I can say is YIKES. This is a biggie.

    I wonder, MS and the Linux community are fixing it in the OS> I wonder if Apple might be able to do it in Firmware and avoid some of the performance hit. Just speculation.

  • Bryan

    I like the Ars article a lot. Anything that makes heavy usage of the kernel will be slowed. Other articles I have read have pointed out this will be hard on heavy I/O processes and also virtual machine environments. As the Ars article pointed out the OS workarounds are not fixes. They just try to get around what the hardware is designed to do by implementing a software work around. I disagree with Intel’s PR release as this defect will have some performance hit on any machine running an Intel processor.

  • Bryan:

    Given the placid uneventfulness reigning the world today, this little hiccup is such welcome reprieve. Thank goodness no device was spared; revels all round.

    There’s some truth in that—few computers are running balls-out, meaning there’s some headroom for most computers doing most things.

    True, but when they do, particularly our smaller devices, it sounds like they’ll be gelded for their troubles. Fixed indeed.

    On that note, I’d say that the Linux kernel team’s assessment is aptly put.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.