TECH
It is (very) probably one of the victims of the latest "chipgate". Know what to do
It is the technological scandal of the moment, and it seems to leave no one out: neither processor makers nor, in turn, computer brands. But the "plot" worsens: smartphones and other devices do not also use chips? The last and, after all, the main victims are the users of this equipment. That is: it seems that we are all part of this new "chipgate".
What is this new "chipgate"?
The Register was the first to release information on serious security flaws that affect all devices that have processors manufactured by Intel, AMD and ARM.In recent days news has emerged that the chips manufactured by the market leader Intel, for 20 years, are affected by security breaches. One of these bugs allows access to various zones of Kernel memory - the processor area where the core operating system information used by the device in question - is supposed to be protected.In practice, you can enable an application to access all information from another, thus creating a kind of virtual tunnel that can be exploited in an attack to steal any kind of data from a computer or smartphone.
What security vulnerabilities are involved and what are the consequences?Named Meltdown and Specter, both have the same basis as exploiting critical vulnerabilities in processors. However, Meltdown allows you to bypass the memory access limitations of the CPU kernels, whereas Specter causes applications to reveal information that would otherwise be inaccessible by making the software think that the sharing of this information is being done within your secure environment.
If the first news mentioned Intel, the following were aware that this new chipgate is more widespread and extends to AMD and ARM as well. Specifically, two vulnerabilities are at stake, the "Meltdown", which will be exclusive to Intel processors, and "Specter" that also hits other chips.
Is my computer or smartphone at risk?
The safety concerns in question are present on all chips produced since 1995 by the manufacturers concerned, affecting all the equipment that integrate them. Anyway, so far there is no record of attack cases.
Although they have only been made public, the existence of the failures will be known since July 2017, according to some means. It is estimated that all processors manufactured since 1995 suffer from the problem.The vulnerabilities are official and there are already "remedies" available, notably from Microsoft. Apple has also confirmed that its computers and smartphones are part of the extensive list of affected devices.
What can I do to protect myself?
What is available to the user is to install the security updates of the operating systems, as well as of programs, which are made available for this purpose, only from official sources. Note that there are news to realize that these updates will affect the performance of the chips in question and, consequently, the processing speed of the equipment that have these chips installed, an issue that will be resolved in due time, Intel assures.
In the coming weeks, Intel, AMD, ARM, Qualcomm and other manufacturers are expected to provide firmware upgrades for their chips, which will permanently eliminate the problem. There are predictions, however, that this may affect the performance of the upgraded chips and, consequently, the processing speed of the devices that integrate these chips - some say 30%, but for example Apple says it will be around 2, 5% - an issue that will be resolved later, Intel assures.Ask questions about what to do about these security holes and the consequences for your "machines".What is this new "chipgate"?The Register was the first to release information on serious security flaws that affect all devices that have processors manufactured by Intel, AMD and ARM.
What security vulnerabilities are involved and what are the consequences?Named Meltdown and Specter, both have the same basis as exploiting critical vulnerabilities in processors. However, Meltdown allows you to bypass the memory access limitations of the CPU kernels, whereas Specter causes applications to reveal information that would otherwise be inaccessible by making the software think that the sharing of this information is being done within your secure environment.
When were the vulnerabilities discovered and what is being done to solve the problem?
Although they were only now public, security breaches had already been reported last summer to the companies in question: Intel, AMD and ARM. Companies like Microsoft, Amazon, Apple, Google, Firefox have already released partial or definitive updates.
Sapo
No comments:
Post a Comment