Skip to main content

PortSmash attack exploits Intel’s Hyper-Threading architecture to steal your data

http://s3.amazonaws.com/digitaltrends-uploads-prod/2018/10/samsung-chg90-ultrawide-monitor-review-5481.jpg
Intel

Security researchers from Finland and Cuba have discovered a side-channel attack, known as PortSmash, that affects Intel chips and could allow attackers access to encrypted data processed from a computer’s CPU. The vulnerability exists on chipsets that use simultaneous multithreading (SMT) architecture, so it could also affect AMD chips in addition to Intel chips with Hyper-Threading technology.

Researchers claimed that they notified Intel of the vulnerability at the beginning of October, but the chip-maker did not have a patch ready until the end of the month, the same day that a proof-of-concept code was published on Github to show how the attack would work on Intel’s Skylake and Kaby Lake architectures.

Recommended Videos

For PortSmash to work, malicious code must run on the same PC using the same processor core as the legitimate code. SMT and Intel’s Hyper-Threading technology allow for codes to run on separate threads simultaneously using the same processor core. This delivers greater efficiency, as more code can be executed at the same time. However, code executed on one thread can also observe what is happening on the other thread, and an attacker could use this behavior to inject malicious code to run in tandem with a legitimate code in order to eavesdrop on the processor. The malicious code will leak out bits of encrypted data that it observed from the legitimate process, allowing an attacker to reconstruct the encrypted data from the leak.

Please enable Javascript to view this content

“We detect port contention to construct a timing side channel to exfiltrate information from processes running in parallel on the same physical core,” Billy Brumley, security researcher, and one of the research paper’s authors, told The Register.

Intel has since responded to the findings of Brumley and his team, noting that the issue is not related to already widely-known vulnerabilities like Spectre or Meltdown.

“We expect that it is not unique to Intel platforms,” Intel said. “Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners, and researchers to understand and mitigate any vulnerabilities that are identified.”

Brumley noted that in order for PortSmash to work, the malicious code must run on the same processor as the target machine. Brumley’s team has not tested PortSmash on AMD processors, but the plan is to see if the same kind of attack can happen on Ryzen processors in the future.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
One of the most exciting upcoming CES 2025 launches just got leaked
lenovo foldable laptop extended.

Last year, Lenovo teased a rollable laptop at MWC 2023, but it was purely a prototype. Now, a leak covered by The Verge from Evan Blass claims that the concept is becoming a reality and will be released at CES 2025 in just a few weeks.

The concept Lenovo laptop from last year looks like a completely normal laptop at first, but once you press a button on the side, more screen literally starts rolling out from under the keyboard. The screen slowly grows until you have basically two laptop screens stacked on top of each other.

Read more
ChatGPT just got a bump to its coding powers
ChatGPT collaborating with Notion

For its penultimate 12 Days of OpenAI announcement, the company revealed a trio of updates to ChatGPT's app integration on Thursday, which should make using the AI in conjunction with other programs on your desktop less of a chore.

OpenAI unveiled ChatGPT's ability to collaborate with select developer-focused macOS apps, specifically VS Code, Xcode, TextEdit, Terminal, and iTerm2, back in November. Rather than needing to copy and paste code into ChatGPT, this feature allows the chatbot to pull specified content from the coding app as you enter your text prompt. ChatGPT, however, cannot generate code directly into the app, as Cursor or GitHub Copilot are able to.

Read more
Here’s why some PC gamers shouldn’t install the latest Windows 11 update
Overwatch 2 running on the LG OLED 27 gaming monitor.

The latest Windows 11 update, codenamed 24H2, has been a troubled rollout for Microsoft, but one thing's been clear from the beginning: PC gamers should wait to install it. Let's add another issue to the list, shall we?

As spotted by Windows Latest, Microsoft has confirmed in an update to its Windows 11 24H2 problems page, that Windows 11 24H2 is causing issues with its Auto HDR feature. The result of the bug is that incorrect colors are being displayed or, even worse, are breaking games entirely and causing them to not be responsive.

Read more