Cloud network providers are actively examining alternatives to Intel microchips amid security flaws dubbed Spectre and Meltdown, discovered last week.
Spectre and Meltdown are two security exploits which enable malicious software to read data stored in a CPU’s cache by taking advantage of a feature modern processors use to improve performance. For the most part, this is a hardware-based issue. That makes it extremely difficult to eliminate entirely through software patches alone.
Intel Dominates the Data Center Market
Intel processors are currently used by 98% of data center operations, according to a recent report by industry consultancy firm IDC. That leave s a lot of room for growth from competitors like Advanced Micro Devices (AMD) and ARM Holdings.
Qualcomm and Cavium are in the midst of the development of their own ARM-based chips designed for data centers.
Intel Patch Results in a Performance Decrease
Microsoft has already developed a patch for Windows-based systems but warns that these patches will impact overall system performance on Intel-based systems. This is because, for modern Intel processors, the affected feature is baked into the hardware.
Gleb Budman, CEO of San Mateo-based online storage firm Backblaze, recently told Reuters, “If ARM provides enough computing power at lower cost or lower power than x86, it would be a strong incentive for us to switch.”
Budman continued, “If the fix for x86 results in a dramatically decreased level of performance, that might increasingly push in favor of switching to ARM.”
Popular alternatives AMD, ARM, IBM, and Qualcomm are susceptible, but to a much lesser degree.
AMD, ARM, Qualcomm, and IBM
Google Project Zero recently outlined the three variants of Meltdown and Spectre as follows:
- Variant 1 (Spectre): bounds check bypass
- Variant 2 (Spectre): branch target injection
- Variant 3 (Meltdown): rogue data cache load
Meltdown is unique to Intel’s architecture, so it only really affects Intel chips. Spectre is a possible issue on several other major chip makers’ products.
AMD, ARM, IBM, and Qualcomm have all indicated that they have the potential to be exploited through at least one variant of Spectre, but in almost all of these cases software patches and standard security practices are available to mitigate the risk.
Microsoft, Amazon, and Alphabet Were Already Moving Away from Intel
Cloud service giants Microsoft, Amazon, and Alphabet, Google’s parent company, are actively exploring Intel alternatives well ahead of the revealed exploits.
Microsoft announced in March of last year it would be using ARM processors for its Azure cloud service. Amazon has also started using AMD processors for its graphics design service.
Alphabet is working on a new server design based on IBM’s Power9 processor.
Spectre and Meltdown have shaken the world of online security for both consumers and enterprises alike. Intel, which has long been the dominant CPU provider in each of these sectors, is finding itself in unfamiliar territory in genuine risk of losing some of its overwhelming market share to its long-time rivals.