A Critical Intel Flaw Breaks Basic Security for Most PCs

in #technology8 years ago

From Wired


ONE OF THE most basic premises of computer security is isolation: If you run somebody else's sketchy code as an untrusted process on your machine, you should restrict it to its own tightly sealed playpen. Otherwise, it might peer into other processes, or snoop around the computer as a whole. So when a security flaw in computers' most deep-seated hardware puts a crack in those walls, as one newly discovered vulnerability in millions of processors has done, it breaks some of the most fundamental protections computers promise—and sends practically the entire industry scrambling.

Earlier this week, security researchers took note of a series of changes Linux and Windows developers began rolling out in beta updates to address a critical security flaw: A bug in Intel chips allows low-privilege processes to access memory in the computer's kernel, the machine's most privileged inner sanctum. Theoretical attacks that exploit that bug, based on quirks in shortcuts Intel has implemented for faster processing, could allow malicious software to spy deeply into other processes and data on the target computer or smartphone. And on multi-user machines, like the servers run by Google Cloud Services or Amazon Web Services, they could even allow hackers to break out of one user's process, and instead snoop on other processes running on the same shared server.

On Wednesday evening, a large team of researchers at Google's Project Zero, universities including the Graz University of Technology, the University of Pennsylvania, the University of Adelaide in Australia, and security companies including Cyberus and Rambus together released the full details of two attacks based on that flaw, which they call Meltdown and Spectre.

Read more: https://www.wired.com/story/critical-intel-flaw-breaks-basic-security-for-most-computers/

Well shit. I just purchased and installed a new Intel CPU. Had I had this information a few weeks ago I might have purchased AMD instead.

Leave your thoughts in the comments below.


Follow @contentjunkie to stay up to date on more great posts like this one.

Sort:  

Sad news I will go to read more

Such quirks should not be overlooked, and there are special workers in espionage

It seem like a major issue, it even pushed the stock lower today.
Resteemed!

This is really bad...

Wow, I did not know that Intel would have a vulnerability. Been using Intel products for decades and I've also enjoyed the ease of use, performance and capability of these processors. How good are AMD processors compared to Intel?