TechDogs- "Intel’s Latest ‘Downfall’ Can Help Hackers Steal Passwords And More!"

IT Infrastructure

Intel’s Latest ‘Downfall’ Can Help Hackers Steal Passwords And More!

By TD NewsDesk

TD NewsDesk

Updated on Tue, Aug 15, 2023

Overall Rating

Security! Privacy! Compliance!  

These words concern business leaders as they are ever cautious about security concerns.  

This time, it's Intel that has come under the spotlight! Some vulnerabilities have been discovered in Intel processors with millions of chips potentially affected.  

The vulnerability could be exploited for a specific set of data meant to keep a system isolated and private. This would allow hackers to get sensitive data such as financial details, passwords and encrypted details. (Changing passwords from “Password@123” to “Password@987” does not help!) 

Daniel Moghimi, a Google researcher, first discovered the Intel vulnerability and called it 'Downfall'. It occurs in the chips’ code that can use an instruction known as “gather” to quickly access scattered data in the chips’ memory.  

While explaining 'Downfall', Moghimi stated, "Memory operations to access data that is scattered in memory are very useful and make things faster, but whenever things are faster there's some type of optimization—something the designers do to make it faster," Furthermore, he also shared his experience of working with vulnerabilities. "Based on my past experience working on these types of vulnerabilities, I had an intuition that there could be some kind of information leak with this instruction." 

An Image Of Intel Core ChipSource

This vulnerability has been affecting various Intel chip families produced by Intel, such as the Skylake chip family (2015-2019), the Tiger Lake family (debuted in 2020) and the Ice Lake family (2019-2021). However, due to new defenses added by Intel, the current generation of chips (the Alder Lake, Raptor Lake and Sapphire Rapids) are not affected. Interesting names, though, right?  

While Intel has started releasing the fixes, fixing Downfall has been challenging and complicated as the fixes need to go through each manufacturer that incorporates devices with affected Intel chips. The device makers would need to take the code provided by Intel and create tailored patches for users. 

"Over the past few years, the process with Intel has improved, but broadly in the hardware industry we need agility in how we address and respond to these kinds of issues," Moghimi says. "Companies need to be able to respond faster and speed up the process of issuing firmware fixes, microcode fixes, because waiting one year is a big window when anyone else could find and exploit this." 

Intel finds it complex and challenging to conduct Downfall attacks in real-world conditions. However, Moghimi took only a few weeks to develop proofs of concept for the attack. He also notes that relative to other vulnerability-related bugs, Downfall would be easier and doable flaws for an attacker to exploit.  

Moghimi further adds that Downfall seems to only impact the Intel chips. However, similar flaws could lurk in processors made by other manufacturers. He adds, "Even though this particular release is not affecting other manufacturers directly, they need to learn from it and invest a lot more in verification." 

Do you think Intel’s Downfall will be a major concern for businesses? Should chip manufacturers be held responsible for security flaws? 

We would love to hear your thoughts, so drop your thoughts in the comment section!  

First published on Tue, Aug 15, 2023

Liked what you read? That’s only the tip of the tech iceberg!

Explore our vast collection of tech articles including introductory guides, product reviews, trends and more, stay up to date with the latest news, relish thought-provoking interviews and the hottest AI blogs, and tickle your funny bone with hilarious tech memes!

Plus, get access to branded insights from industry-leading global brands through informative white papers, engaging case studies, in-depth reports, enlightening videos and exciting events and webinars.

Dive into TechDogs' treasure trove today and Know Your World of technology like never before!

Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs’ members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs’ Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. All information / content found on TechDogs’ site may not necessarily be reviewed by individuals with the expertise to validate its completeness, accuracy and reliability.

Tags:

Computer ProductsIntel Intel Chip Vulnerability Downfall

Join The Discussion

  • Dark
  • Light