Skip to content

January 12, 2018

Google details how it protected services like Gmail from Spectre

by John_A

Google says it already deployed anti-Spectre and Meltdown solutions to protect its products, and users didn’t even notice. The downside of the patches companies are rolling out to fix the CPU vulnerabilities is that they have the potential to slow down systems. For the big G, that means slowdown for huge services like Gmail, Google Drive and Search and its Cloud products. Mountain View had to gather hundreds of engineers working across the company to find a way to protect its products. After a few months, they found a solution for Meltdown and the first variant of Spectre (two of the three vulnerabilities), which they then started rolling out way back in September. Google says it didn’t get any complaint reporting performance degradation after it deployed the fix.

However, the second variant of Spectre proved a lot more problematic. Google’s engineers thought the only way to protect against it was to switch off the CPU features that made the chips vulnerable to attackers. Unfortunately, doing that slowed down applications considerably and caused inconsistent performance, so the tech titan had to look at unusual or “moonshot” solutions. It found the answer in Retpoline, a technique conjured up by Google Senior Staff Engineer Paul Turner, which “modifies programs to ensure that execution cannot be influenced by an attacker.”

Retpoline allowed Google to protect its services from the second variant of Spectre without having to modify source codes or to switch off hardware components. And by December, the company was done rolling our protections against all three variants. Google reiterates that it received no support tickets related to the updates, but then again, people might have attributed their complaints to other things if they didn’t know about the flaws.

Google considers this set of vulnerabilities the “most challenging and hardest to fix” it’s had to deal with in the past decade. That it was able to find solutions for them relatively quickly demonstrates just how powerful the company is. Thankfully, the tech titan isn’t keeping Retpoline a secret: it has shared its research with other tech companies in hopes that it “can be universally deployed to improve the cloud experience industry-wide.”

Via: TechCrunch

Source: Google

Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: