Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

MIT Researchers Claim to Have a Solution for Some Speculative Execution Attacks

Accepted submission by takyon at 2018-10-19 03:49:06
Security

Researchers Claim to Find New Solution to Spectre, Meltdown [tomshardware.com]

The researchers call their solution Dynamically Allocated Way Guard (DAWG) and revealed it in a recent paper [iacr.org]. This name stands in opposition to Intel's Cache Allocation Technology (CAT) and is said to prevent attackers from accessing ostensibly secure information through exploiting flaws in the speculative execution process. Best of all, DAWG is said to require very few resources that CAT isn't already using and can be enabled with operating system changes instead of requiring the in-silicon fixes many thought were needed to address the flaws.

[...] Here's how the researchers summarized their approach with DAWG:

"Unlike existing mechanisms such as CAT, DAWG disallows hits across protection domains. This affects hit paths and cache coherence, and DAWG handles these issues with minimal modification to modern operating systems, while reducing the attack surface of operating systems to a small set of annotated sections where data moves across protection domains, or where domains are resized/reallocated. Only in these handful of routines, DAWG protection is relaxed, and other defensive mechanisms such as speculation fences are applied as needed."

Also at TechCrunch [techcrunch.com] and Engadget [engadget.com].


Original Submission