How to protect devices from Spectre and Meltdown chip flaws

12 Enero, 2018, 03:34 | Author: Arnold Perez
  • Companies scrambling to protect networks from chip security flaw

The flaws - dubbed Meltdown and Spectre - affect processing chips made by Intel, AMD and ARM Holdings. Even traditionally exploit-resistant operating systems, like Apple's iOS, are vulnerable. Although Google Project Zero spearheaded the effort, most of the researchers involved are independent of Google.

"The defect renders the Intel x86-64x CPUs unfit for their intended use and goal", the complaints read. The Computer Emergency Response Team, the United States' primary defense against computer attacks, went so far as to say the only real way to fix Spectre is to replace processors that have the flaw.

Researchers said nearly every computing system - desktops, laptops, smartphones, and cloud servers - is affected by the Spectre bug. The other, Spectre, is harder to fix, but also harder to exploit, making it less of an immediate threat to consumer devices. The long-term solution may rely on a hardware redesign, he said, with software patches acting to monitor and stop malicious behavior. Kalember also noted that being attacked using Meltdown or Spectre is "highly unlikely".

Taken together, the right and wrong guesses still process data faster than just waiting around for every instruction to be executed in a serial fashion, one after another. "They will improve on it". Researchers have identified a security flaw in the computer processors made by three of the world's biggest chip designers, Intel, AMD and ARM, and a second flaw in Intel chips. These will be similarly impossible to fix, and the only strategy will be to throw our devices away and buy new ones.This isn't to say you should immediately turn your computers and phones off and not use them for a few years.

The story also raises an important issue about the responsible disclosure of such security flaws. "Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available", the company said. The company said it will be issuing updates for Safari on MacOS and iOS in the coming days, to guard against any potential exploit in JavaScript on the web browser.

Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown.

More news: South Korea mulls cryptocurrency ban but it's far from finalized
More news: Seahawks fire offensive coordinator Bevell, OL coach Cable
More news: IRAN ON EDGE: Tehran ARRESTS THOUSANDS as Regime Hangs On

Microsoft said in a statement Thursday that it is not aware of any of these vulnerabilities being used against its customers.

The first called Meltdown, affects Intel chips and lets hackers bypass the hardware barrier between applications run by users and the computer's memory, potentially letting hackers read a computer's memory and steal passwords.

The company said it has already updated its operating systems to defend against Meltdown.

Spectre shares similarities to Meltdown, but is much more sophisticated and wide-reaching. "There may end up being cases that are workload or OS specific that experience more of a performance impact".

The vulnerabilities, nicknamed Meltdown and Spectre, can cause data to leak from kernel memory.

"It's a positive thing that we have independent verification - researchers looking for vulnerabilities", Daly said. On a cloud service, each server is typically shared by many different customers.

Recomendado:



Popular

'F**king child': Trump taunted for Twitter 'tantrum' over Michael Wolff's new book
Donald Trump is going to probably spend the remainder of his presidency fighting back. "This man does not read, does not listen". Wolff also said he has recordings and notes of his interviews , but would not say whether he plans to release them.

Jefes diplomacia europea reafirman compromiso con acuerdo nuclear iraní
El ministro alemán de Exteriores, Sigmar Grabiel, reiteró que Europa quiere proteger el acuerdo contra cualquier posible decisión para socavarlo, venga de donde venga.

Cambridge-based Redux bought by Google
According to Crunchbase , Redux has also previously raised more than $5 million in funding before it was acquired by Google. On Ivanov's profile page, it says that Redux achieved a "successful exit" in August 2017, but it does not state the buyer.

The first white chocolate Cadbury's Creme Egg has been found
There's only one £2k prize and 33 remaining eggs worth £1,000, and the rest are worth smaller amounts. She has yet to decide what to spend her winnings on but is now thinking about planning a holiday.

Serge Ibaka, James Johnson each suspended one game for throwing punches
Hassan Whiteside (13 and 15) and rookie Bam Adebayo (16 and 15) also recorded double-doubles. Tempers flared between the two teams in a very physical game.

Magnitude 7.6 quake hits north of Honduras, triggers tsunami warning
The northern coast of Honduras closest to the quake's epicentre is sparsely populated, with much of it covered by nature reserves. President Juan Orlando Hernandez said authorities had activated the country's emergency system but urged people to remain calm.

Injury Update On Samoa Joe
However, WWE.com reports that he felt a pop in his right foot during the match and now he needs to get it checked out. WWE confirmed the news on their website and have not confirmed how long they expect Joe to be sidelined for.

Barack Obama and David Letterman Break Down the President's Dad Dance Moves
Friday's launch of "My First Guest" is the first of six monthly Letterman interview Netflix specials this year. Like he always used to do on Late Night , Letterman laughs it off.

Here's Rakesh Roshan's gift for Hrithik fans on son's 44th birthday
Hrithik's fans have been awaiting another film in the series ever since. It will hit the theatres on 25th December 2020, i.e., Christmas.

Revelado el estilo de pelea de Goku Black Video — Dragon Ball FighterZ
Por el momento no se conoce cuales son los personajes que estarán disponibles al momento de salida. Bandai Namco lo ha incluido en el grupo de luchadores que aparecerán el nuevo juego de peleas.