Intel Meltdown and ARM’n Spectre

Intel CPU

The Hype

If you are in the security industry, then you probably heard about the security flaws in our most fundamental integrated circuits and semi-conductors from large reputable firms. None of the explanation make much sense, since they are purposefully obfuscated so as not to exacerbate the situation. However, this causes some problem for those trying to figure out how severe the issue actually is.

The Flaw

Claims are circulating that modern computers will need to be complete redesigned to patch the flaw.

Firefox 57 (the latest) includes a fix, as do the latest versions of Internet Explorer and Edge for Windows 10. Google says it will roll out a fix with Chrome 64 which is due to be released on January 23rd. Apple has not commented on how it plans to fix its Safari browser or even macOS. Chrome, Edge, and Firefox users on Windows won’t really need to do much apart from accept the automatic updates to ensure they’re protected at the basic browser level.

The most sensitive applications, namely web browsers, can be quickly and easily fixed. Most have been already. Unfortunately for Windows and other Operating Systems a patch for the flaw may impact performance by as much as 30%, and may take time to fix.

I will keep track any attempted exploits that hit this network and post them to my monthly security bulletin.

ARM Pine64
ARM-pine64 main logic board

Sources:

The Verge

The Independent

Computer security: The chips are down
Yesterday saw the disclosure of two serious design flaws in processors that power most of the world’s computers. “Meltdown” affects chips made by Intel. “Spectre” affects nearly all mid-range and high-end processors, including those found in smartphones. The flaws, which allow hackers to steal data, are partly the result of the industry’s thirst for more processing power. Fixing them will take years, writes our technology editor