Intel, ARM chip flaws: What you need to know

The Department of Homeland Security is coordinating much of the government's response to Spectre and Meltdown.

Independent researchers separately discovered and named these vulnerabilities "Spectre" and "Meltdown".

"Meltdown" reportedly affects Intel chips only and could allow hackers to bypass the hardware barrier between applications run by users and the computer's memory, potentially letting hackers read a computer's memory and steal passwords.

Apple has yet to issue a statement about its Safari browser, so the best immediate step you can take is to make sure that you are using a secure version of Chrome or Firefox until an OS-level update comes out for your system.

The CERT division of the Software Engineering Institute at Carnegie Mellon University published a notice Jan. 3 initially recommending replacement of the affected CPU hardware as the only way to fully protect devices against the vulnerabilities. If Intel is right, it will have closed a major security flaw in its processors.

Receive our Daily Dispatch and Editors' Picks newsletters. Apple Watch is not affected by Meltdown.

Thankfully, for those with an 'Intel inside' there's a patch that can mitigate the problems. Microsoft issued a security update yesterday and, generally, Windows 10 will automatically download necessary security updates and install them for you.

The lack of diversity in the computing business turns such vulnerabilities into a systemic problem. Bearing in mind the number of chips with the flaw, the chances that your computer has a vulnerability are very high.

Intel denied that "a 'bug' or a 'flaw'" in its products was the root cause of the issue - as had been earlier suspected - arguing instead that its products, and the devices they were incorporated into, were simply "operating as designed". Meltdown affects computers that use Intel chips, while Spectre affects computers and smartphones built on Advanced Micro Devices (AMD) and ARM processors. They then got wind of Amazon working on an implementation and became more suspicious.

Apple did not comment on whether its iOS operating system, which also powers iPhones and iPads, was at risk. Solutions exist that introduce minimal performance impact, and expect such techniques will be adopted by software vendors over time.

The Meltdown bug concerns laptops, desktop computers and internet servers that have Intel chips. Spectre represents a broader range of more complex and sophisticated attacks that could work on virtually all processors and may be impossible to completely protect against in software alone. "It's good design and if you have a good design for something, it will protect you".

There are many conflicting reports about patch impacts being publicly discussed. At the end of November Brian Krzanich, Intel's chief executive, sold half his shares for $14m, which left him with the minimum holding required by Intel.

Google said that as soon as it discovered the bugs, it patched its systems and warned other software and hardware companies.

A major security flaw has surfaced that's thought to affect all Intel microprocessors since at least 2011, some ARM processors and, according to Intel, perhaps those of others.

"The exploitation does not leave any traces in traditional log files", the researchers write.

In many respects, public cloud users are better-protected from security vulnerabilities that are users of traditional datacenter-hosted applications.

Intel said it was working with its rivals AMD and ARM "to develop an industry-wide approach to resolve this issue promptly and constructively". But all that also promotes brittleness and fragility.

(Derechos de autor © 2015. Todos los derechos reservados.)
 
Recomendado

N. Korea soldier flees to South via heavily fortified border
Speaking before the Security Council vote, analysts said the new sanctions could have a major effect on the North's economy. With a range of 13,000km, the missile could hit the mainland US. "It is hard to build a direct connection between the two".

Confirmed: Everton vs Manchester United line ups
The French star ran the show for the Red Devils , providing both assists for the team's two goals vs Sam Allardyce's side. Everton will monitor James McCarthy and Yannick Bolasie before deciding whether to start the duo.

NFL Teams Complain About Packers Use Of IR
Stranger things have happened (especially against the Bears), but a 1,000 yard season for Diggs does not seem too likely. But House has had his own injury issues, having missed time with hamstring, quadriceps, shoulder and back injuries.

Mohamed Salah stars in Liverpool comeback; Chelsea thrash Stoke — EPL
He's made an excellent start to life back in English football too, with 23 goals in his first 29 games for the Merseyside outfit. However, Salah's contribution will leave even more onlookers wondering just how he was secured at such a ridiculous cost.

The biggest wins, top scorers and star names from El Clasico history
The Miss BumBum competition is a well-known beauty pageant in Brazil, which believe it or not, awards the best-looking butts. Lineker's tweet caused a major stir, with two journalists deciding to pick fights with the Match of the Day presenter.

Watch the Meltdown CPU exploit in action
Yesterday, we told you about a pair of exploits called Meltdown and Spectre . "That is the actual heart of the computer". Analysts are bullish: More than half call Intel a "buy", and just one in eight holds a negative outlook for the stock.

Pep: Man City to have 'internal meetings' about January Sanchez move
It's really difficult but Alexis Sanchez is the one that can probably come in and give a new fresh inspiration to the squad. Fabian Delph and John Stones both return whilst captain Vincent Kompany continues his spell on the sidelines.

What you need to know about Christmas holiday travel
The timing of the snafu couldn't have been worse, said transportation professor Joe Schwieterman of Chicago's DePaul University. If you want some warm weather, then say Italy, Greece, Spain", he added, noting the potential for cheaper airfare.

Pochettino: Fourth place isn't good enough for me
Tottenham have been carefully treating him, hoping that he does not need knee surgery. "The reaction will be good", he vowed. Burnley are depleted somewhat by an injury to Stephen Ward, who Dyche has confirmed will miss two games with a knee problem.

Macron Urges EU to Stress Iran Human Rights, Keep Nuclear Accord
In September 1978, he flew by helicopter over the capital, to see about half a million people denouncing him in the streets. Until that point, all were victims of the police, which is under the control of the Ministry of the Interior.

The Tax Bill's Rollout Looks Like It'll Be Full Of Confusion
Why do so many Americans believe that the middle class is getting a tax hike? "And I want to thank Paul Ryan ... what a team". Democrats want to do more for Puerto Rico and some Republicans worry about the mounting costs of disaster aid.

Football expert, McGarry speaks on Zidane's sack, likely replacement — Real Madrid
But how did Ernesto Valverde outwit? In the second half Luis Suarez scored his 10th goal of the season to fire Barca ahead. Madrid coach Zinedine Zidane, meanwhile, came in for some criticism for his team selection.

Team News: Five changes for Newcastle United, West Ham United
Ayew reduced the deficit in the 69th but Newcastle held on to record their first win since October 21. Moments later West Ham were gifted the chance of an equaliser when Clark fouled Antonio in the area.

Blazers' Damian Lillard (hamstring) planning on returning to action on Tuesday
A technical foul was called on Portland's Shabazz Napier early in the second quarter after he elbowed Atlanta's Isaiah Taylor . Nurkic finished with 21 points and 12 rebounds, and Portland won its fourth straight against the Sixers at the Moda Center.

Why reports of slowing iPhone X sales may be completely off base
Apple's public acknowledgment of intentionally slowing down older iPhones is backfiring at the company. Despite the premium price and reported production issues, Apple had record pre-sales of the iPhone X .


Mas noticias

Noticias
Mas noticias