Technology Intel pledges transparency after Spectre, Meltdown vulnerability

09:53  12 january  2018
09:53  12 january  2018 Source:   Engadget

Intel reveals chip design flaw that could have allowed hackers to access hidden info

  Intel reveals chip design flaw that could have allowed hackers to access hidden info Hardware and software manufacturers including Apple and Microsoft began pushing out patches that protected against attacks making use of the flaw. The flaw, which Intel dubbed a side-channel analysis attack,  was discovered "months ago" Intel CEO Brian Krzanich said on CNBC Wednesday. The discovery was made by researchers at Google's Project Zero security group, which reported it to the affected companies. The vulnerabilities undermine some of the most fundamental security constraints employed by modern computers, said Craig Young, a researcher at computer security company Tripwire.

The Intel CEO also notes that the impact of Meltdown and Spectre patches on performance can vary widely, but that Intel will provide progress reports on the patches its working on. "To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities

Hence Puffco's after -hours session at the Mirage. "We think that if you want to make an omelet you've got to crack a few eggs, and so that's why we did this in here," said the Brooklyn-based Volodarsky, on using his suite for demos.

a man standing on a stage© Provided by Engadget The last week or so has seen a lot of activity around Meltdown and Spectre, two CPU flaws in modern chips from the likes of AMD and Intel. Apple, Microsoft and Google have provided interim fixes for their respective hardware, but it will take much more than simple patches (that can cause more harm than good) to truly eradicate the issue. Just a few hours after Intel revealed that there may be more slowdowns from its Meltdown processor fix, the company's CEO Brian Krzanich has written an open letter to further detail the steps Intel is taking to deal with the issues.

Krzanich promises that by January 15th, 90 percent of Intel CPUs made in the last five years will be updated, with the remaining 10 percent patched by the end of the month. The company will then start working on updates for older chips "as prioritized by (its) customers."

Intel says performance impact of security updates not significant

  Intel says performance impact of security updates not significant Intel Corp (INTC.O) said fixes for security issues in its microchips would not slow down computers, rebuffing concerns that the flaws found in microprocessors would significantly reduce performance. The performance impact of the recent security updates should not be significant and will be mitigated over time, Intel said late on Thursday, adding that Apple Inc, Amazon.com Inc, Google and Microsoft Corp reported little to no performance impact from the security updates. define("homepageFinanceIndices", ["c.

Intel pledges transparency after Spectre , Meltdown vulnerability . engadget.com.

According to Krzanich, going forward, Intel promises to offer timely and transparent communications, with details on patch progress and performance data. Because Spectre and Meltdown are hardware-based vulnerabilities , they must be addressed through software workarounds.

The Intel CEO also notes that the impact of Meltdown and Spectre patches on performance can vary widely, but that Intel will provide progress reports on the patches its working on. "To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks," wrote Krzanich in his statement. He also committed to help fund academic and independent research into possible security issues in the future.

Intel

Finnish firm detects new Intel security flaw .
A new security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said on Friday. F-Secure said in a statement that the flaw had nothing to do with the "Spectre" and "Meltdown" vulnerabilities recently found in the micro-chips that are used in almost all computers, tablets and smartphones today.

—   Share news in the SOC. Networks
This is interesting!