| | | Woo-yay, Meltdown CPU fixes are here.
Now, Spectre flaws will haunt tech industry for years Countermeasures to protect apps from attack
By Thomas Claburn in San Francisco 5 Jan 2018 at 07:08
Analysis
Intel has borne the brunt of the damage from the revelation of two novel attack techniques, dubbed Meltdown and Spectre, that affect the majority of modern CPUs in various ways.
The chipmaker's stock price is down, and it's being eyed for possible securities litigation, following reports CEO Brian Krzanich sold the bulk of his Intel shares after the biz had been made aware of the flaws.
In its defense, Intel has said other chip designers are also affected. While the Meltdown vulnerability, a side-channel attack that allows user applications to read kernel memory, is known to affect Intel processors (and the Arm Cortex-A75 that is yet to ship). The other vulnerability, Spectre, meanwhile, has been demonstrated on Intel Ivy Bridge, Haswell and Skylake processors, AMD Ryzen CPUs, and several ARM-based Samsung and Qualcomm system-on-chips used for mobile phones.
But Spectre will be harder to mitigate than Meltdown because the most effective fix is redesigned computing hardware.
"We are currently not aware of effective countermeasures that will eliminate the root cause of Spectre, short of hardware redesign," said Daniel Genkin, one of the authors of the Spectre research paper and postdoctoral fellow in computer science in the University of Pennsylvania and the University of Maryland, in the US, in an email to The Register.
continues at theregister.co.uk
|
|
