Google provides details on how it protected services like Gmail from Spectre

Google provides details on how it protected services like Gmail from Spectre

While many companies are working hard to patch Meltdown and Spectre vulnerabilities in their systems, Google says that it has already deployed anti-Spectre and Meltdown solutions to its products, and more interestingly, users didn’t even notice everything happened.

Right now, the downside of the patches companies are issuing to fix CPU vulnerabilities is that they have a high potential to slow down systems. For Google, this would mean that slowdown of services like Gmail, Google Drive, Search and it’s cloud products. So how did Google manage this exactly?

Well, the company gathered hundreds of engineers to find a way to protect its products. After months of trying to find solutions, the company did find a solution for Meltdown and the first variant of Spectre (two of the three vulnerabilities). After finding the solutions, they started rolling out patches back in September. Google says that it didn’t receive any complaint reports of degrading performance post-deployment of the fix.

While Google didn’t notice problems for the first variant of Spectre, the company did find the second variant to be quite problematic. Google’s engineers then thought that the only way to protect against the second variant was to switch off the CPU features that made the chips vulnerable to attacks. The downside of this would be that it would slow down applications considerably and cause inconsistent performance. That’s when Google engineers looked into “moonshot” solutions. The company found the answer in Retpoline, a technique conjured up by Google Senior Staff Engineer Paul Turner, which “modifies programs to ensure that executive cannot be influenced by an attacker.”

The Retpoline technique allowed Google to protect its services from the second variant of Spectre without having to modify source codes or switch off hardware components. By December, Google was done rolling out protections against all three variants of Spectre. Google said that it considered this set of vulnerabilities the “most challenging and hardest to fix” within the past decade.

Fortunately though, Google isn’t keeping the Retpoline technique a secret. The company is sharing its research with other tech companies in hopes that it “can be universally deployed to improve the cloud experience industry-wide.” Needless to say, other tech giants will definitely pick up this Retpoline technique and look into it.

Hamza Khalid

Hamza Khalid is the Lead Editor at The Jolt Journal. You're more than welcome to follow him on Twitter and follow The Jolt Journal on Twitter and Facebook. If you have any questions, concerns, or need to report something in this article, please send our team an email at [email protected]. This story may be updated at any time if new information surfaces.

At The Jolt Journal, no one tells us what to write or how to write it. This is why, in the era of lies and bias, readers turn to an independent source. Rest assured, all information on our website is free of any bias or influence. If you see anything wrong with a story, please don't hesitate to reach out. We do our very best to report on the latest available information.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.