Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Major flaw in millions of Intel chips revealed
A serious flaw in the design of Intel's chips will require Microsoft, Linux and Apple to update operating systems for computers around the world.
Intel has not yet released the details of the vulnerability, but it is believed to affect chips in millions of computers from the last decade.
The UK's National Cyber Security Centre (NCSC) said it was aware of the issue and that patches were being produced.
Some experts said a software fix could slow down computers.
--more--
http://www.bbc.com/news/technology-42553818
Intel has not yet released the details of the vulnerability, but it is believed to affect chips in millions of computers from the last decade.
The UK's National Cyber Security Centre (NCSC) said it was aware of the issue and that patches were being produced.
Some experts said a software fix could slow down computers.
--more--
http://www.bbc.com/news/technology-42553818
The immediate fix may slow down your Intel-based computer 5-30%
The Microsoft Windows patch comes Tuesday. Even if the patch does slow down software you use regularly it's still better to apply the patch than the alternative of not updating your operating system.
The Amazon "cloud" is updating Friday. It will be interesting to see if services utilizing Amazon's cloud suffer slowdowns, including Amazon itself and Netflix.
As an ordinary computer user there's not much you can do about this but watch and update your Intel machines when the patch is ready.
The bug in the hardware is a bad one, potentially allowing passwords and such to be stolen, or malevolent software to be installed, but I haven't heard of any bad guys exploiting it yet.
6 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Major flaw in millions of Intel chips revealed (Original Post)
hunter
Jan 2018
OP
Makes me glad I have been an AMD guy for years.
Just built my first intel system a month ago for one of my kids cause an i5 fell into my lap.
Don't hate intel just AMD has consistently delivered the better value.
lpbk2713
(43,201 posts)2. The North Koreans have been busy.
...
regnaD kciN
(26,616 posts)3. 5-30%? Time to get my Commodore Amiga out of storage...
NCjack
(10,297 posts)4. Gee, thanks, Intel. Instead of a good replacement chip, we will get a crummy software patch. nt
Eugene
(62,736 posts)5. Intel says other vendors' chips are affected. AMD denies it.
Source: PC World
Intel responds to the CPU kernel bug, downplaying its impact on home users
Intel claimed the patches for the CPU vulnerability, due next week, would bring a negligible performance hit to the average user. It was also quick to position the bug as an industry-wide problem.
-snip-
Intel claimed the patches for the CPU vulnerability, due next week, would bring a negligible performance hit to the average user. It was also quick to position the bug as an industry-wide problem.
-snip-
Read more: https://www.pcworld.com/article/3245508/components-processors/intel-responds-to-the-cpu-kernel-bug.html
Eugene
(62,736 posts)6. Update: Every device made in the last 20 years may be vulnerable.
Source: The Verge
Processor flaw exposes 20 years of devices to new attack
Chipocalypse now
By Russell Brandom@russellbrandom Jan 3, 2018, 5:23pm EST
All week, the tech world has been piecing through rumors of a potentially catastrophic flaw in an entire generation of processors but with all developers subject to a non-disclosure agreement, there were few hard facts to go on.
Now, new details have emerged on how severe and far reaching the vulnerability truly is. ZDNet and the New York Times are reporting that two critical vulnerabilities dubbed Meltdown and Spectre affect nearly every device made in the past 20 years. The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. The result, one researcher told ZDNet, is that "an attacker might be able to steal any data on the system.
The researchers have created a website with more details on Meltdown and Spectre - https://meltdownattack.com/. Its FAQ, like many security-related FAQs, is simultaneously comforting and hair-raising. It starts with Am I affected by the bug? Most certainly, yes. It notes that there are patches for Meltdown for Windows, Linux, and macOS. It also notes that that Spectre, though harder for a hacker to implement, is more problematic: As it is not easy to fix, it will haunt us for quite some time.
Intel chips have been at the focus of initial research and subsequent reporting on the vulnerability, although it remains unclear whether non-Intel chips could be susceptible. In a public statement, Intel said many different vendors processors and operating systems... are susceptible to these exploits. AMD has denied any of its processors are vulnerable, although Google researchers say theyve demonstrated a successful attack on AMDs FX and PRO CPUs. ARM has also confirmed that its Cortex-A processors are vulnerable.
-snip-
Chipocalypse now
By Russell Brandom@russellbrandom Jan 3, 2018, 5:23pm EST
All week, the tech world has been piecing through rumors of a potentially catastrophic flaw in an entire generation of processors but with all developers subject to a non-disclosure agreement, there were few hard facts to go on.
Now, new details have emerged on how severe and far reaching the vulnerability truly is. ZDNet and the New York Times are reporting that two critical vulnerabilities dubbed Meltdown and Spectre affect nearly every device made in the past 20 years. The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. The result, one researcher told ZDNet, is that "an attacker might be able to steal any data on the system.
The researchers have created a website with more details on Meltdown and Spectre - https://meltdownattack.com/. Its FAQ, like many security-related FAQs, is simultaneously comforting and hair-raising. It starts with Am I affected by the bug? Most certainly, yes. It notes that there are patches for Meltdown for Windows, Linux, and macOS. It also notes that that Spectre, though harder for a hacker to implement, is more problematic: As it is not easy to fix, it will haunt us for quite some time.
Intel chips have been at the focus of initial research and subsequent reporting on the vulnerability, although it remains unclear whether non-Intel chips could be susceptible. In a public statement, Intel said many different vendors processors and operating systems... are susceptible to these exploits. AMD has denied any of its processors are vulnerable, although Google researchers say theyve demonstrated a successful attack on AMDs FX and PRO CPUs. ARM has also confirmed that its Cortex-A processors are vulnerable.
-snip-
Read more: https://www.theverge.com/2018/1/3/16846840/intel-arm-processor-flaw-chipocalypse-windows-macos-linux