RESEARCHERS HAVE found a flaw in chip design that could not only make hacking possible but also prove very hard to fix.
The attack on the Memory Management Units (MMU) of processors can exploit the locations used to store virtual memory and cache, and plant payloads in them.
A team of Dutch researchers has found a way to allow hackers to make a marker showing where they are within the MMU, and then all they need to do is exploit their way in through a software flaw (very common) and lay some eggs.
In theory, there should be randomisation where this is concerned, known as Address Space Layout Randomisation (ASLR), but because this technique waves a big flag showing what part of random you are in, that entire line of defence is useless.
The technique was first demonstrated with Intel Haswell chips last year, but the problem is bigger than first thought. It has also reared its head in iOS code, but this is the first time it has been shown to be this easy.
Worse still, because it's on the chip, it's not platform dependent, and it can't be fixed with a software update. Of course, preventing sloppy coding and paying attention to fixes as they arise is going to help massively, but when push comes to shove, unless every piece of software in the history of everything is fixed, the problem still remains.
"Bugs are everywhere, but ASLR is a mitigation that makes bugs hard to exploit," Ben Gras, a researcher at the Free University of Amsterdam, told Wired. "This technique makes bugs that weren't exploitable, exploitable again. In some sense, it takes us back to the '90s in terms of security."
The vulnerability comes from the program listening to the speed of the cache and thus deducing what part has just been overwritten, like a stethoscope at a safe.
At present, the team that has made the proof of concept has not made it public but has shared it with major chip manufacturers and hardware companies with a warning to get it fixed. However, they warn that there's enough information from what they've said so far to allow it to be reverse engineered.
That ticking you hear is either the sound of a safe being cracked or a timebomb. µ