Technology Intel pledges transparency after Spectre, Meltdown vulnerability

09:53  12 january  2018
09:53  12 january  2018 Source:   Engadget

Finnish firm detects new Intel security flaw

  Finnish firm detects new Intel security flaw A new security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said on Friday. F-Secure said in a statement that the flaw had nothing to do with the "Spectre" and "Meltdown" vulnerabilities recently found in the micro-chips that are used in almost all computers, tablets and smartphones today.

The Intel CEO also notes that the impact of Meltdown and Spectre patches on performance can vary widely, but that Intel will provide progress reports on the patches its working on. "To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities

Hence Puffco's after -hours session at the Mirage. "We think that if you want to make an omelet you've got to crack a few eggs, and so that's why we did this in here," said the Brooklyn-based Volodarsky, on using his suite for demos.

a man standing on a stage© Provided by Engadget The last week or so has seen a lot of activity around Meltdown and Spectre, two CPU flaws in modern chips from the likes of AMD and Intel. Apple, Microsoft and Google have provided interim fixes for their respective hardware, but it will take much more than simple patches (that can cause more harm than good) to truly eradicate the issue. Just a few hours after Intel revealed that there may be more slowdowns from its Meltdown processor fix, the company's CEO Brian Krzanich has written an open letter to further detail the steps Intel is taking to deal with the issues.

Krzanich promises that by January 15th, 90 percent of Intel CPUs made in the last five years will be updated, with the remaining 10 percent patched by the end of the month. The company will then start working on updates for older chips "as prioritized by (its) customers."

Flawed computer chips and how to fix them

  Flawed computer chips and how to fix them As tech giants race against the clock to fix major security flaws in microprocessors, many users are wondering what lurks behind unsettling names like "Spectre" or "Meltdown" and what can be done about this latest IT scare.  What is Meltdown? And Spectre?

Intel pledges transparency after Spectre , Meltdown vulnerability . engadget.com.

According to Krzanich, going forward, Intel promises to offer timely and transparent communications, with details on patch progress and performance data. Because Spectre and Meltdown are hardware-based vulnerabilities , they must be addressed through software workarounds.

The Intel CEO also notes that the impact of Meltdown and Spectre patches on performance can vary widely, but that Intel will provide progress reports on the patches its working on. "To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks," wrote Krzanich in his statement. He also committed to help fund academic and independent research into possible security issues in the future.

Intel

Intel reveals chip design flaw that could have allowed hackers to access hidden info .
Hardware and software manufacturers including Apple and Microsoft began pushing out patches that protected against attacks making use of the flaw. The flaw, which Intel dubbed a side-channel analysis attack,  was discovered "months ago" Intel CEO Brian Krzanich said on CNBC Wednesday. The discovery was made by researchers at Google's Project Zero security group, which reported it to the affected companies. The vulnerabilities undermine some of the most fundamental security constraints employed by modern computers, said Craig Young, a researcher at computer security company Tripwire.

—   Share news in the SOC. Networks
This is interesting!