Hardware flaws may be the new big security gap in computers and phones. In the last few days, it has become apparent that Intel, Microsoft, and other leading electronics companies have been struggling for months to overcome security holes that affect billions of processors worldwide. Intel, Microsoft, and Google released statements assuring customers the fixes are complete or in process. Yet some experts warn that the fixes could hurt performance.
Holes in the Hardware
While most security holes have been in software, this newly revealed weakness is in hardware, in the processing chip itself. The weakness revealed by Google in a blog post includes vulnerabilities in chips from Intel, ARM, and AMD. Some of the weaknesses go back to chips manufactured 10 years ago.
|Windows Centeral posted these images of the cybersecurity bugs, Meltdown and Spectre. Images courtesy of Microsoft.|
In the blog post, Google noted that company officials privately informed Intel, ARM, and AMD of these issues back in June of last year, giving the companies time to develop remedies before the news hit the street. While the companies were working on fixes, academic researchers began to discover the flaws. In a paper released last week, the researchers also identified potential cyberattacks – named Meltdown and Spectre – that could compromise processors.
Intel downplayed the possibility that the fixes would affect performance, noting that the prediction of a 30% slowdown would only occur in “extremely unusual circumstances” and would not affect the average user.
Some Fixes Are Still on the Way
The vulnerability apparently has the potential to let attackers through security barriers. “The flaw allows apps or hackers to bypass Kernel security systems and access cached sensitive information within the memory,” Marty P. Kamden, CMO of NordVPN told Design News. “This has led to the redesign of Windows and Linux Kernels. It seems that this particular bug has probably impacted most of the Intel processors manufactured in the past 10 years.”
Some systems have already been updated with fixes, while other system repairs are still in the process of updating. “Apple and Linux developers have released patches that in one way or another are able to mitigate the possible damage which might emerge from this major flaw, while Windows users must still wait for an update,” said Kamden. “We recommend that people keep their devices updated regardless of the OS used. However, each person must assess their threat level individually until all security patches are completed and publicly released.”
Rob Spiegel has covered automation and control for 17 years, 15 of them for Design News. Other topics he has covered include supply chain technology, alternative energy, and cyber security. For 10 years, he was owner and publisher of the food magazine Chile Pepper.
|Pacific Design & Manufacturing , North America’s premier conference that connects you with thousands of professionals across the advanced design & manufacturing spectrum, is back at the Anaheim Convention Center February 6-8, 2018! Over three days, uncover software innovation, hardware breakthroughs, fresh IoT trends, product demos and more that will change how you spend time and money on your next project. CLICK HERE TO REGISTER TODAY!|