Meltdown and Spectre processor flaws

  • Question
  • Updated 8 months ago
  • Answered
Any word from Flex if the Meltdown and Spectre processor flaws affect their hardware or software? 

Scott Russell - N1SER


Posted 9 months ago


Steve - N5AC, VP Engineering / CTO

Official Response
We are still studying the vulnerabilities, and I'll comment later in this post what we know.  From a practical standpoint, what you really need to understand is how these might affect your radio operations.  To the best of our knowledge, FLEX series radios will be unaffected (FLEX-5000, 3000 and 1500) as well as the SDR-1000 which does not have a processor of any kind.  The processors in the earlier FLEX series are a lower-speed processor that is A) not likely to have the issues at all and B) never runs code other than FlexRadio code.  As for the FLEX-6000 Signature Series, all of these systems use a daVinci processor designed by Texas Instruments that contains an ARM processor (see text below on vulnerabilities).  Even though the core processor does have vulnerability exposure, what you need to consider, again from a practical standpoint, is how it would be exploited.  

Today the FLEX-6000 Signature Series radios only run three types of software: the Linux kernel and associated file system, software designed by FlexRadio and finally the possibility exists for third parties to make waveform modules to implement additional modes.  If you wanted to exploit a vulnerability in a radio, there are much easier ways than to craft a specific exploit for Meltdown or Spectre.  But assuming that someone wanted to do this, the waveform module is, today, the only mechanism that a third party could exploit easily.  So, as with all things, consider the source of any waveform module you decide to install.  If it originates from a <name your favorite unstable regime> country and comes from a computer programmer that goes by the hacker alias d13rAd1O, you might want to pass on installing it.

These vulnerabilities are of concern because of two key exploit vectors: 1) At multi-customer computer centers (read cloud servers, web servers, database servers, etc) where a given machine is simultaneously running code from many parties, you might be concerned about access to sensitive corporate or customer data.  2) On a private individual or company computer, you might be concerned about installing software that could bypass some security protections you've enabled and gain access to data you would otherwise not allow.  When you consider the risk of a vulnerability you should always consider the benefit to the individual perpetrating an attack.  An attack on one of our radios has a low multiplicative effect (there are not 10,000,000 radios that you could systematically attack) and probably a low benefit (you can't steal valuable customer information, credit cards, financial records, etc. directly).  Nothing is ever totally secure, including every IoT device or other radio you own, but I think the likelihood of an exploit that would cause our customers grief is low.  We are continuing to consider and evaluate what we read, of course, but this is the thinking today.

For the technically minded, the primary processor we use is a Texas Instruments TMS320DM8168 which contains an ARM Cortex A-8 and a TI C674X DSP, each running at over 1GHz.  The Cortex A-8 can be exploited with Variant 1 (CVE-2017-5753) and Variant 2 (CVE-2017-5715) but not Variant 3/3a (CVE-2017-5754).  Both Variant 1 and 2 are susceptible to Spectre exploits, whereas Variant 3 requires a Meltdown exploit.

To protect against Variant 1 would require us to recode any pointer references that instruct the compiler to avoid speculation in advance dereferencing of those pointers.  This is a major undertaking and would protect you from a third party that happened to be running user mode code on your radio.  It is also possible that the performance penalties would cause a reduction in available functionality of the radio (most companies implementing anti-Spectre code are reporting 30-50% performance hits).  As mentioned before, this would only happen in the case of a waveform module as far as we've been able to determine.  A much more likely exploit, in my mind, would be to use an open source ham radio digital mode program to gain control of your Windows PC and grab financial information there.  It sure seems like a more lucrative and effective attack, but again limits the attack space because of the low numbers of ham radio operators.  Nothing is impossible, but these new exploits seem like a lower payoff than other exploits that could be undertaken.  

At this time, it appears that the Cortex A8's Variant 2 issue has no fix from ARM.  The same thinking, however, applies as with Variant 1.  If this is something you are personally concerned about, just don't install waveform modules at all.  As a result of the information we have today, we have no plans at this time to deploy code protections against Spectre, and Meltdown exploits are not possible on the processor we use.
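
The kind of Variant 1 (CVE-2017-5753) recoding the response above refers to, shown as an added example that is not FlexRadio code and not part of the original post: a bounds-checked table lookup before and after branchless index masking. The table, its contents and all function names are hypothetical.

```c
#include <limits.h>
#include <stddef.h>

#define TABLE_LEN 16UL

/* Constructed sample data standing in for a table indexed by untrusted input. */
static const unsigned char table[TABLE_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};

/* All-ones when index < size, zero otherwise, computed without a branch so
 * there is no prediction to get wrong. Assumes size <= LONG_MAX and an
 * arithmetic right shift on signed long (true for GCC and Clang). */
static unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
    return (unsigned long)(~(long)(index | (size - 1UL - index))
                           >> (sizeof(long) * CHAR_BIT - 1));
}

/* Before: architecturally correct, but the CPU may predict the branch as
 * taken and speculatively load table[index] with an out-of-range index. */
int lookup_checked(unsigned long index)
{
    if (index < TABLE_LEN)
        return table[index];
    return -1;
}

/* After: the index is clamped by data flow, so even a mispredicted branch
 * can only ever load table[0]. */
int lookup_masked(unsigned long index)
{
    if (index < TABLE_LEN) {
        index &= index_mask_nospec(index, TABLE_LEN);
        return table[index];
    }
    return -1;
}
```

Both functions return identical results architecturally; the difference is only in what the processor can touch while speculating. The Linux kernel's `array_index_nospec()` applies the same masking idea and additionally hides the value from the optimizer so the compiler cannot fold the mask back into the branch.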