Security Software

More information on SMoTherSpectre

On March 5, researchers at IBM Research and EPFL published details and a proof-of-concept exploit they called SMoTherSpectre.

They demonstrate the creation of a side channel by taking advantage of port contention during speculative execution with simultaneous multithreading (SMT), including our implementation, called Intel® Hyper Threading (Intel® HT). A malicious actor can use port contention to detect timing differences between specific speculatively executed code sequences. The differences observed in those measurements can reveal data over time.

After careful assessment, Intel determined that existing mitigation methods like single thread indirect branch prediction (STIBP) can protect software against such issues. Because this style of attack targets specific application data and does not reveal the entire contents of the targeted program, turning on STIBP only when dealing with secret data would be sufficient to mitigate SMoTherSpectre. Sensitive applications may wish to run with STIBP set more broadly in order to guard against other attacks like branch target injection (Spectre variant 2). Critical applications can enable STIBP through the prctrl OS interface. For other operating systems, developers should refer to vendor-provided instructions or contact the OS vendor. For more information, see Intel's guidance on STIBP.

Intel does not recommend turning off Intel® HT as a mitigation technique because other programming methods are effective and higher performing.


Was this article helpful?YesNo
0% of users found this helpful

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Performance varies depending on system configuration. Check with your system manufacturer or retailer or learn more at www.intel.com.

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.

Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit www.intel.com/benchmarks.

Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available​ updates. No product or component can be absolutely secure.

The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.

Intel provides these materials as-is, with no express or implied warranties.

No product or component can be absolutely secure.

Intel, the Intel logo, Intel Core, Intel Atom, Intel Xeon, Intel Xeon Phi, Intel® C Compiler, Intel Software Guard Extensions, and Intel® Trusted Execution Engine are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others.