Google deploys patch for security flaws in chips

SAN FRANCISCO: To safeguard its customers from potential security bugs in chips, Google has deployed a novel chip-level patch across its entire infrastructure, resulting in only minor declines in performance in most cases.
“In response to the vulnerabilities that were discovered, we developed a novel mitigation called ‘Retpoline’ — a binary modification technique that protects against ‘branch target injection’ attacks,” Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Programme Manager at Google said on Thursday.
“We shared ‘Retpoline’ with our industry partners and have deployed it on Google’s systems, where we have observed negligible impact on performance,” the engineers added.
In addition, the tech giant has deployed “Kernel Page Table Isolation” (KPTI) which is a general purpose technique for better protecting sensitive information in memory from other software running on a machine.
“KPTI” has been deployed to the entire fleet of Google Linux production servers that support all of our products, including Search, Gmail, YouTube and Google Cloud Platform, the firm said. — IANS