Intel fails out to spectre meltdown12/29/2023 Spectre, however, is a more general flaw and may affect even more devices, though experts say the flaw is more difficult to exploit.Īccording to the security researchers who discovered the exploits, the data at risk “might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.” Meltdown seems to affect only Intel processors, but the company has a near monopoly on processors for personal computers and servers. That memory content could contain key strokes, passwords, and other valuable information. They also allow an attacker to use JavaScript code running in a browser to access memory in the attacker’s process. The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. This processor complexity is exactly what can be exploited, allowing access to the “kernel,” the highest-level control system of your computer. They can even perform “speculative executions,” guessing the most likely actions you might perform so they can be processed faster. They can also store small bits of information. Modern devices work in “parallel,” allowing processors to perform different calculations for different applications at the same time. They allow your device to “think,” by performing a staggering number of tiny calculations per second. Processors are one of the building blocks of digital devices. That makes fixing the problem much more challenging, as the exploits allow access to the most basic part of your computer. Meltdown and Spectre are beyond the norm, however, because they allow exploits at the hardware level, the silicon in your machine. But once flaws are made public, your devices become ready targets, and it’s only a matter of time before hackers find ways to access sensitive data like your passwords, online bank accounts, and email - if you’ve left your devices unprotected.Įxploits are unfortunately common these days, as security researchers engage in an arms race with hackers and even nations to build walls around our increasingly connected world of devices. There is no evidence yet that hackers have taken advantage of the security flaws. Intel was also informed of the potential exploits before the leaks, and it may be worth noting that the company’s CEO, Brian Krzanich, sold $24 million in company stock and options in late November, according to Business Insider. This came about a week after the processor maker Intel, which developed the update patches, recommended the reversal. Near the end of January, Microsoft finally pulled back updates fixing the exploits because of these problems. In their haste, they introduced errors that caused some computers to shut down unexpectedly, and now are left waiting for real protection. Instead, leaks of the revelations forced tech companies’ hands, and they scrambled to push out updates. They had already disclosed the flaws last year to the big tech companies like Microsoft and Apple, and had planned to reveal them publicly. Security researchers, including Jann Horn at Google and academics at Graz University of Technology, discovered the flaws. Two security flaws, dubbed Meltdown and Spectre by researchers, theoretically allow processor exploits to steal passwords and other sensitive user data from almost any device made in the past 20 years, according to the New York Times. It wasn’t quite how tech companies wanted to ring in the new year: Computer security researchers revealed massive security flaws that potentially affect the vast majority of personal computers and smartphones ever built.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |