Skip to main content

PortSmash attack exploits Intel’s Hyper-Threading architecture to steal your data

http://s3.amazonaws.com/digitaltrends-uploads-prod/2018/10/samsung-chg90-ultrawide-monitor-review-5481.jpg
Intel

Security researchers from Finland and Cuba have discovered a side-channel attack, known as PortSmash, that affects Intel chips and could allow attackers access to encrypted data processed from a computer’s CPU. The vulnerability exists on chipsets that use simultaneous multithreading (SMT) architecture, so it could also affect AMD chips in addition to Intel chips with Hyper-Threading technology.

Researchers claimed that they notified Intel of the vulnerability at the beginning of October, but the chip-maker did not have a patch ready until the end of the month, the same day that a proof-of-concept code was published on Github to show how the attack would work on Intel’s Skylake and Kaby Lake architectures.

For PortSmash to work, malicious code must run on the same PC using the same processor core as the legitimate code. SMT and Intel’s Hyper-Threading technology allow for codes to run on separate threads simultaneously using the same processor core. This delivers greater efficiency, as more code can be executed at the same time. However, code executed on one thread can also observe what is happening on the other thread, and an attacker could use this behavior to inject malicious code to run in tandem with a legitimate code in order to eavesdrop on the processor. The malicious code will leak out bits of encrypted data that it observed from the legitimate process, allowing an attacker to reconstruct the encrypted data from the leak.

“We detect port contention to construct a timing side channel to exfiltrate information from processes running in parallel on the same physical core,” Billy Brumley, security researcher, and one of the research paper’s authors, told The Register.

Intel has since responded to the findings of Brumley and his team, noting that the issue is not related to already widely-known vulnerabilities like Spectre or Meltdown.

“We expect that it is not unique to Intel platforms,” Intel said. “Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners, and researchers to understand and mitigate any vulnerabilities that are identified.”

Brumley noted that in order for PortSmash to work, the malicious code must run on the same processor as the target machine. Brumley’s team has not tested PortSmash on AMD processors, but the plan is to see if the same kind of attack can happen on Ryzen processors in the future.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
If you want to buy an RTX 4090, now might be your last chance
Nvidia GeForce RTX 4090 GPU.

There's no disputing that the RTX 4090 is one of the best graphics cards you can buy, but now might be your last chance to buy it. According to members of the Board Channels forum (via VideoCardz), Nvidia has discontinued the graphics card and will stop fulfilling new orders this month.

We saw this coming. Last month, members of the Board Channels forums signaled that Nvidia was getting ready to discontinue the RTX 4090 to make way for next-gen RTX 50-series GPUs. Nvidia hasn't said it's discontinuing the card, and it likely won't, but some regions are already experiencing shortages and increased prices. The German outlet PC Games Hardware writes: "It is now becoming increasingly clear that the GeForce RTX 4090 ... will soon have reached its end of lifetime," following high prices and "increasingly poor availability" in the region.

Read more
How to use iPhone Mirroring on your Mac
Apple's Craig Federighi demonstrates the iPhone Mirroring feature in macOS Sequoia at the Worldwide Developers Conference (WWDC) in June 2024.

Earlier this year, Apple introduced iPhone Mirroring. This macOS Sequoia feature puts a mirrored version of your iPhone right on your Mac’s desktop, enabling you to interact with your iPhone without ever needing to have it in your hands. You can open iOS apps, send emails, change settings, and much more, all from the comfort of your Mac.

Read more
How to install an Intel processor
Installing your first Intel processor? Follow these simple steps to do it right
Coffee Lake

Choosing the best new CPU is a big deal, but once you've done it, you'll need to install the device.

Installing an Intel CPU is just as easy as installing an AMD one, with some minor caveats that make it a little different. You'll need a few pieces of equipment before we get started, but nothing that will cost you more than a few dollars.
Step 1: Prepare your tools

Read more