In the last few years, Intel’s x86 architecture has made more news for its built-in insecure features. With all the Spectre and Meltdown variants out there, the chipmakers have been taking these kinds of side-channel attacks on the chin for a while. With the slow of Moore’s Law and a newly resurgent AMD, it’s proven to be a turbulent time for Intel.
With the upcoming release of Intel’s new Tiger Lake mobile chips, it’s hoping to change both the narrative and, more importantly, the underlying technology. These chips will be the first to integrate Control-flow Enforcement Technology, which Intel hopes will help defeat malware at the silicon level.
CET has two main innovations. One is Shadow stack, which essentially stores a copy of the application order of operations in a secure part of the CPU, which is then used to compare to apps over time. Malware typically alters this order and shadow stack can detect this immediately. The other security feature is indirect branch tracking, which helps prevent malware exploiting “jump tables” and essentially tries to map memory locations outside of what an app typically has access to.
Intel published the specification on this in 2016, and Windows Insider builds already support it. Given Intel’s still impressive market share and long lead time, I think the adoption of these new security features could help make a difference. Intel will probably be haunted by the implications of their architectural security vulnerabilities for a long time, but aggressively deploying CET across their future chip designs will go a long way to combat it.