In the last few years, Intel’s x86 architecture has made more news for its built-in insecure features. With all the Spectre and Meltdown variants out there, the chipmakers have been taking these kinds of side-channel attacks on the chin for a while. With the slow of Moore’s Law and a newly resurgent AMD, it’s proven to be a turbulent time for Intel.
With the upcoming release of Intel’s new Tiger Lake mobile chips, it’s hoping to change both the narrative and, more importantly, the underlying technology. These chips will be the first to integrate Control-flow Enforcement Technology, which Intel hopes will help defeat malware at the silicon level.
CET has two main innovations. One is Shadow stack, which essentially stores a copy of the application order of operations in a secure part of the CPU, which is then used to compare to apps over time. Malware typically alters this order and shadow stack can detect this immediately. The other security feature is indirect branch tracking, which helps prevent malware exploiting “jump tables” and essentially tries to map memory locations outside of what an app typically has access to.
Intel published the specification on this in 2016, and Windows Insider builds already support it. Given Intel’s still impressive market share and long lead time, I think the adoption of these new security features could help make a difference. Intel will probably be haunted by the implications of their architectural security vulnerabilities for a long time, but aggressively deploying CET across their future chip designs will go a long way to combat it.
- Western Digital Shuffles WD Red Line - July 10, 2020
- Why Did VMware Buy Datrium? | Gestalt IT Rundown: July 8, 2020 - July 8, 2020
- Ep. 9: Is Remote Work The New Normal? - July 6, 2020
- VxRail Is Now Built for the Edge - July 6, 2020
- Supercomputers Are Switching to Arm Too - July 3, 2020
- AWS Goes to Space | Gestalt IT Rundown: July 1, 2020 - July 1, 2020
- Ep. 8: Is Dell Selling VMware? - June 29, 2020
- Intel’s Tiger Lake Is CET For Security - June 29, 2020
- NetApp Buys a Spot in the Cloud - June 26, 2020
- Will Dell Spinoff VMware? | Gestalt IT Rundown: June 24, 2020 - June 24, 2020