Skip to main content
  1. Home
  2. Computing
  3. Mobile
  4. News

New ‘Prime’ Meltdown, Spectre exploits outlined by Nvidia, Princeton University

Add as a preferred source on Google

Just one month after researchers exposed methods to extract sensitive data from a device’s memory through all modern processors, another research paper arrives to illustrate how the processor design flaw can be used in other attacks. The paper, dubbing the new exploits MeltdownPrime and SpectrePrime, derives from three researchers who work at at Princeton University and graphics chip manufacturer Nvidia. 

As reported last month, all processors dating back to at least 2011 have a flaw in the way they’re designed. Part of a processor’s speed comes from its ability to predict where the current list of instructions will go — they have “branch prediction units” that take an educated guess about what command will come next. To make these predictions, processors toss data back and forth from two memory sets: local on-chip memory called cache for fast access, and the PC’s system memory. This data isn’t secured, and that’s where the original Meltdown and Spectre attacks come in. 

Recommended Videos

The Meltdown approach applies to Intel and Apple processors. A hacker can create a malicious program to access that raw information, which could include usernames, passwords, credit card numbers, and so on. It taps into the privileged information typically only accessible by the root of an operating system, otherwise known as the kernel. 

Meanwhile, Spectre applies to Intel, AMD, and all mobile chips based on ARM’s processor design, including Apple. Here hackers can create a program to trick the processor into executing instructions not built into legitimate programs and apps installed on the PC. In other words, your favorite apps and programs could be tricked into coughing up your sensitive data. 

Both methods are merely proof-of-concepts reported by Google Project Zero, and researchers from Cerberus Technology and various universities. Both are called side-channel attacks as they don’t target specific software, such as Adobe Flash. 

The new MeltdownPrime and SpectrePrime exploits rely on an attack called Prime+Probe that takes advantage of processor “cache invalidations,” which is a method of replacing or removing entries in the CPU’s cache. Whereas Meltdown and Spectre simply “pollute” this cache during the CPU’s path prediction (aka speculative execution), the new exploits take a different approach. 

“MeltdownPrime and SpectrePrime are caused by write requests being sent out speculatively in a system that uses an invalidation-based coherence protocol,” the paper states. A coherence protocol means that the PC is keeping all data stored in cache and memory consistent. But that protocol may “invalidate cache lines in sharer cores as a result of a speculative write access request even if the operation is eventually squashed.” 

The researchers validated their findings using a MacBook packing an Intel Core i7 processor, and MacOS Sierra v10.12.6. They ran the exploit 100 times on the machine, with a 99.95-percent success rate for SpectrePrime versus the 97.9-percent rate seen with the vanilla Spectre exploit. 

“We believe that any software techniques that mitigate Meltdown and Spectre will also be sufficient to mitigate MeltdownPrime and SpectrePrime. On the other hand, we believe that microarchitectural mitigation of our Prime variants will require new considerations,” the paper states. 

Kevin Parrish
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
macOS clipboard app Maccy has a fake out there stealing passwords
PamStealer malware is disguising itself as Maccy to target Mac users
Depicting of the Maccy clipboard app for macOS on a laptop with letters inb the background.

A fake version of Maccy, a popular clipboard manager for macOS, is being used to deliver a newly discovered Mac malware strain called PamStealer. Researchers at Jamf say the malware impersonates the real open-source app, but its actual purpose is to steal data and capture a victim’s login password.

PamStealer arrives as a disk image containing an AppleScript file that impersonates Maccy. Once the user opens that file, macOS launches it in Script Editor, where the on-screen instructions tell them to press Command-R. To someone expecting a normal app installer, that may look like an odd setup step. In reality, that action runs hidden malware code and starts the attack.

Read more
A new technology teaching drones to feel pain could stop your self-driving car from harming itself
Drones first, autonomous cars next. A pain-sensing system that detects failure before it happens has real stakes for self-driving vehicles.
Transportation, Vehicle, Car

When you sprain your ankle in the middle of a run, your body sends a pain signal to your brain, forcing you to stop. Essentially, the ability to sense pain stops you from pushing through the injury and causing further self-harm.

Researchers at Delft University of Technology and Wageningen University have applied this exact concept to drones, giving them a digital equivalent of a nervous system that recognizes a faulty part and triggers a pain-like warning signal. What's even more interesting is that the technology could find use in self-driving cars.

Read more
Claude Fable 5 is leaving subscriptions, but maybe not for good
High demand is pushing Claude Fable 5 out of subscriptions for now
Claude Fable 5 and Claude Mythos 5 Official Render

Anthropic’s most advanced publicly available Claude model is still leaving standard subscription access after July 7, but the company is now trying to calm fears that the move is permanent.

Fable 5 recently returned to Claude after drawing scrutiny from the U.S. government. Anthropic said it would be included on Pro, Max, Team, and select Enterprise plans for up to 50% of weekly usage limits through July 7. After that date, the model is set to move to usage-credit billing, meaning users will pay for access outside their regular plan limits.

Read more