IT teams advised to turn off hyperthreading in applications
Cybersecurity professionals need to start asking application owners which is more important: security or performance.
In the wake of the Spectre and Meltdown processor flaws first disclosed last year, two more variants of the same class of flaw, Fallout and ZombieLoad, have now been revealed (Intel groups them under the name Microarchitectural Data Sampling, or MDS). More trouble still, cybersecurity professionals should expect further variants of these flaws to be disclosed on a regular basis, says Greg Kroah-Hartman, a fellow at the Linux Foundation who is one of the maintainers of the Linux kernel.
Speaking this week at the KubeCon + CloudNativeCon + Open Source Summit China conference, Kroah-Hartman told attendees that the core cybersecurity issue comes down to how processors combine speculative execution with hyperthreading to boost application performance. With hyperthreading enabled, two threads share a core's internal buffers, and speculative execution lets one of them sample stale data those buffers still hold for the other. That exposes data to any other application, and in theory any malware, running on the same machine. Software cannot isolate those applications from each other because the leak happens inside the processor, well below the virtual machine that is in theory supposed to be isolating them.
The only way to prevent these flaws from becoming a significant cybersecurity issue is to turn off hyperthreading or have the kernel flush the CPU's buffers every time it hands control back to user space or to a virtual machine, says Kroah-Hartman. The latter approach is slow, and it does not stop a thread on the sibling hyperthread from sampling the buffers while the two run concurrently, which is why disabling hyperthreading is the complete fix. Turning off hyperthreading, however, is going to result in about a 15 percent decrease in overall application performance, adds Kroah-Hartman.
The challenge is most IT organizations are already running their applications on systems with hyperthreading enabled. Kroah-Hartman also notes that many providers of cloud services have yet to offer an option where customers can elect to run their applications on hosts where hyperthreading has been disabled. BIOS (microcode) and kernel patches are being made available to deal with these issues, but the kernel's buffer flush only works on updated microcode, so IT organizations will need to make sure both sets of patches are applied every time a new one becomes available. However, now that cybercriminals have been made aware there are multiple potential flaws in how speculative execution works, it is only a matter of time before they exploit these vulnerabilities more aggressively.
Kroah-Hartman said organizations should choose security over performance every time. However, every cybersecurity professional knows that developers are graded on how fast their applications run, and many of them are counting on that extra 15 percent of performance being available.
Like it or not, cybersecurity teams are going to have to make an inventory of the hosts in their environment that are running with hyperthreading enabled, and of the applications that depend on that extra capacity. Developers are not going to be especially excited about being required to give up hyperthreading, but the risks are simply too high. In fact, it won't be long before auditors start seizing on the issue.
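As an added example that is not part of the original article or of Kroah-Hartman's talk, the following POSIX shell script does the inventory step above for Linux hosts and folds in the mitigation checks from the earlier paragraphs: it reads the kernel's sysfs reports for SMT (hyperthreading) state and for the MDS (Fallout/ZombieLoad) mitigation, and turns them into a verdict an inventory can act on. The sysfs paths and status strings are the kernel's documented ones; the function names, the verdict strings and the sample lines are this example's own.

```shell
#!/bin/sh
# Added example: inventory a Linux host's hyperthreading (SMT) state and its
# MDS mitigation state from sysfs. Not from the article or the kernel project.

SMT_CONTROL=/sys/devices/system/cpu/smt/control
MDS_STATUS=/sys/devices/system/cpu/vulnerabilities/mds

# $1 = contents of smt/control (kernel values: on, off, forceoff,
# notsupported, notimplemented). Prints a human-readable label.
smt_state_label() {
  case "$1" in
    on)       echo "enabled (sibling threads share the core's buffers)" ;;
    off)      echo "disabled (can be re-enabled at runtime)" ;;
    forceoff) echo "disabled until reboot" ;;
    notsupported|notimplemented) echo "not available on this CPU" ;;
    *)        echo "unknown value: $1" ;;
  esac
}

# $1 = the vulnerabilities/mds line, $2 = smt/control value.
# Prints "ok" when nothing more can be done on this host, otherwise
# "action:<what>" (verdict strings are this example's own convention).
# Always returns 0 so callers can use it under set -e.
mds_verdict() {
  mds=$1
  smt=$2
  case "$mds" in
    "Not affected")
      echo ok ;;
    "Mitigation:"*"SMT Host state unknown"*)
      # We are a guest: the flush is in place, but only the cloud provider
      # knows whether our vCPUs share a physical core with someone else.
      echo "action:confirm-host-smt-with-provider" ;;
    "Mitigation:"*)
      # Microcode and the kernel's buffer flush are in place; a sibling
      # hyperthread can still sample the buffers while both threads run.
      case "$smt" in
        on) echo "action:disable-smt" ;;
        *)  echo ok ;;
      esac ;;
    *)
      # "Vulnerable" or "Vulnerable: Clear CPU buffers attempted, no
      # microcode": the BIOS/microcode update and/or kernel patch is missing.
      echo "action:update-microcode-and-kernel" ;;
  esac
  return 0
}

# Read the live sysfs files on this host (no root needed to read them).
inventory_host() {
  host=$(uname -n)
  if [ ! -r "$MDS_STATUS" ] || [ ! -r "$SMT_CONTROL" ]; then
    # Kernels that predate the MDS patches do not expose these files at all.
    echo "$host: sysfs files not present; verdict=action:update-kernel"
    return 0
  fi
  mds=$(cat "$MDS_STATUS")
  smt=$(cat "$SMT_CONTROL")
  echo "$host: smt=$(smt_state_label "$smt"); mds='$mds'; verdict=$(mds_verdict "$mds" "$smt")"
}

# Remediation, for reference (root required):
#   runtime:  echo off > /sys/devices/system/cpu/smt/control
#   at boot:  add mds=full,nosmt (or nosmt) to the kernel command line
# Re-run "sh inventory.sh live" afterwards and expect the verdict to read ok.
if [ "${1:-}" = live ]; then
  inventory_host
fi

# Constructed sample lines (not captured from real hosts), one per case,
# in the "mds line|smt value" form this example uses for its own demo.
for sample in \
  "Not affected|notsupported" \
  "Mitigation: Clear CPU buffers; SMT vulnerable|on" \
  "Mitigation: Clear CPU buffers; SMT disabled|off" \
  "Mitigation: Clear CPU buffers; SMT Host state unknown|notsupported" \
  "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable|on"
do
  mds=${sample%|*}
  smt=${sample#*|}
  printf '%-72s smt=%-12s -> %s\n' "$mds" "$smt" "$(mds_verdict "$mds" "$smt")"
done
```

The "SMT Host state unknown" verdict is the cloud situation the article describes: a guest kernel can apply its own buffer flush but cannot see or change whether the provider runs its vCPUs on sibling threads, so that item on the inventory has to be closed with the provider rather than with a kernel parameter.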
In much the same way Ralph Nader once determined that automobiles were unsafe at any speed, the same can now be said for applications that rely on hyperthreading. Given all the potential damage to the business, it's hard to see how 15 percent additional performance is worth the risk.