OpenBSD, an open source operating system that focuses on security, announced that it will disable Intel’s Hyper-Threading (HT) feature so that attackers can no longer employ Spectre-like cache timing attacks.
Intel Hyper-Threading Vulnerable To Side-Channel Attacks
Simultaneous Multi Threading (SMT) such as Intel’s HT technology typically share translation lookaside buffers (TLBs) and L1 caches between threads, which can make a type of side-channel attack called cache timing attacks much easier.
The OpenBSD team said it suspects that Intel’s HT will make several Spectre-class flaws exploitable. The team added that running multiple security domains on multiple threads of the same core has never been a good idea. However, changing the operating system software to now take this into account will not be a trivial task. Moreover, these days most device makers no longer allow users to disable Intel’s HT in the BIOS, either.
The developers noted that disabling HT on OpenBSD machines doesn’t necessarily mean the performance will suffer, as often HT can slow down certain tasks on devices with more than two cores, at least according to the OpenBSD developers. HT tends to be useful for highly parallel tasks where it can squeeze out all the performance the processor cores can give.
Intel CPU Architecture Change Is Now An Imperative
We haven’t even seen all the Spectre NG flaws be revealed yet, but whole operating systems such as OpenBSD are already making major compromises due to how vulnerable Intel’s CPU architecture seems to be to speculative execution attacks.
Spectre is likely going to end up being an entire class of bugs that will keep on giving operating system developers headaches, as other security researchers and attackers find new ways to exploit Intel’s CPU architecture. That means we won’t see true fixes until Intel eliminates this class of vulnerabilities completely by overhauling its CPU architecture.
This may be at least partially true for chipmakers other than Intel, too, who should also consider doing the same in the next few years. For now, though, Intel seems to be primary target of Spectre attacks, and that likely won’t change anytime soon.