Lunes, 15 Octubre, 2018

Intel says performance impact of security updates not significant

Intel says rapidly issuing updates to all processors impacted by Meltdown Meltdown, Spectre chip flaws raise questions about hardware security
Manuel Armenta | 13 Enero, 2018, 03:37

And the performance generally isn't a problem, he said: "For the real-world's minimal impact". Google has revealed that they uncovered the issue last year and it involves two vulnerabilities named Meltdown and Spectre.

"Intel has already issued updates for the majority of processor products introduced within the past five years", the Intel statement reveals.

Microsoft, Apple, and Linux are all going to release updates for Intel-powered computers to mitigate the issue. That's currently uncertain, but we've contacted Intel for comment and will update this story should we receive a response.

Why is this different to other viruses? In that way, normal programs, including anything from javascript from a website to computer games, cannot be manipulated to exploit the hole and gain access to the protected kernel memory. ARM has put out a security briefing note, indicating which chips could have been affected by Spectre.

CNET reports that some designs made by ARM and AMD are also susceptible, although AMD has said there's a "near zero" chance its chip designs are vulnerable.

Multiple outlets, however, have reported that Intel and other chip makers were notified of the security vulnerabilities in June. It's harder to write and execute a Spectre attack, says Google.

According to an advisory notice issued by the Carnegie Mellon University Software Engineering Institute, the flaws - dubbed Meltdown and Spectre - need to be addressed by applying updates and replacing the affected CPU hardware.

For server systems, the security fix could also have a massive effect.

Daniel Gruss, a researcher on the team at Graz University of Technology, which discovered one of the bugs, told Reuters that it is "probably one of the worst [central processing unit] bugs ever found". The flaw affects only computers with Intel processors and the ones with AMD CPUs are not affected.

Krzanich sold stock and exercised options worth a rough total of $24 million on Nov. 29, reducing his holdings of Intel shares to 245,743 - the minimum required by his contract with the firm.

So, how then can Intel claim to grant its chips immunity to this hole?

According to a report from PCWorld, Intel executives confirmed during a conference call on Wednesday that they will roll out patches over the next few weeks to fix the flaw which is now called "side channel analysis exploit".

But implementing the fix is expected to significantly affect the performance of the computer, making some actions up to around 30% slower.

Tech companies typically withhold details about security problems until fixes are available so that hackers wouldn't have a roadmap to exploit the flaws.

Consumers should check with their device maker and operating system provider for security updates and install them as soon as possible. This means that apart from PCs, Spectre is present in smartphones as well.