Apple confirms computer chips flaws

Apple confirms computer chips flaws

It's the main brain that does most of the "thinking" in a digital device.

The flaws were uncovered in the code of CPUs the computers use.

Interestingly, Meltdown does not affect one device: The Apple Watch.

Dr Yuval Yarom from the University of Adelaide's School of Computer Science, and Data61, is part of an global team that has reported on security vulnerabilities in Intel processors made over the last two decades, which could affect computers, mobile phones and cloud servers.

The issue is serious enough that researchers have put together a website devoted to it. But Spectre is much more hard than Meltdown for hackers to exploit. They could fool you into downloading an app.

What happens with the Meltdown flaw?

Meltdown is an attack that accesses active system memory and can gain access to the kernel.

To reduce idle time, most modern chips speculate about future instructions while processing present ones, a process known as speculative execution. It's an analogous problem to vulnerabilities in the once-dominant Microsoft Windows operating system - or, in the agricultural world, to a disease affecting a widely used crop variety, like the preponderant but under-threat Cavendish banana. More on that in a moment.

What about the Spectre flaw? Similar to Meltdown, Spectre can steal information from one application and share it with another.

Initially, researchers thought there was no way to patch for Spectre.

Sarah Sanders humiliated on Twitter after lashing out at Michael Wolff's book
Local bookstores and retailers sold out of " Fire and Fury: Inside the Trump White House " Friday morning. Mr Wolff himself concedes in author's note some of what his sources told him was untrue.

Skype is Testing New Private Conversations With End-to-End Encryption
That changes today for Skype Insiders , who now have access to end-to-end encryption via the new Private Conversations feature. These private conversations can be used with audio calls and text chat, but can only be used on a single device at a time .

IRS needs more money to implement the new tax law
They have ordered a review by the Government Accountability Office to determine whether the new tax guidelines are accurate. The IRS will release an online calculator by the end of February so taxpayers can ensure their paychecks are accurate.

On Wednesday, researchers a of major security in the microprocessors at the heart of the world's computers for the past 15 to 20 years.

Technology companies are scrambling to fix serious security flaws affecting computer processors built by Intel and other chipmakers and found in numerous world's personal computers and smartphones.

If you own a computer or smartphone that uses an Intel, AMD or ARM processor, those devices are vulnerable to Spectre. The ARM design is also used in Apple's mobile chips.

Apple users haven't been spared in the great computer chip debacle.

Mozilla Firefox, meanwhile, shipped an update Thursday that includes fixes to jam Meltdown or Spectre exploits. It will release mitigations in Safari to defend against the Spectre bug "in the coming days", the release said.

It has now changed that advice to say users should "apply updates" to mitigate any attacks instead. Google will also ship an update to its Chrome browser in January to obstruct attempts to exploit these flaws.

Risks that Variant 1 would pose to the infrastructure underpinning Google Cloud are addressed by the multiple security controls that make up our layered "defence in depth" security posture. It won't be long before evildoers turn their attention to both of these flaws.

How do I update my software? The good news is that it can be fixed with a simple software patch for your system, and they are already in the works; in some cases, they are ready to go. This would be excellent excuse to finally upgrade your operating system or, if you can, get a whole new computer. They could be at risk permanently.

"We are now not aware of effective countermeasures that will eliminate the root cause of Spectre, short of hardware redesign", said Daniel Genkin, one of the authors of the Spectre research paper and postdoctoral fellow in computer science in the University of Pennsylvania and the University of Maryland, in the United States, in an email to The Register.

"Any patch they do is a kluge", he said. "The security research community is also a lot bigger than it was back in '95". They built a fence around their execution engines, and were satisfied with their security and privacy protection - until Google Project Zero researchers, and other experts, brought a ladder to the party and broke their security model. They didn't have the expertise to find these vulnerabilities.

Related Articles

  • Major Chip Flaws Confirmed as

    Major Chip Flaws Confirmed as "Meltdown" and "Spectre"

    Through the exploit, attackers may gain access to data, though they do not have the power to modify or delete them, Intel added. Exploiting this flaw , hackers could potentially read computer memory to access passwords and other information.
    White House personal cell phone ban starts next week

    White House personal cell phone ban starts next week

    All employees electronics equipment must be issued by the White House Communications Agency, or else, the memo warned. A press secretary says tweets that seemed to contradict each other didn't contradict each other.
    Trump won't say whether he has talked to Kim Jong Un

    Trump won't say whether he has talked to Kim Jong Un

    Tensions between Kim Jong-un and Trump have escalated in recent months over the rogue state's missile tests and nuclear ambitions. The Russia Today report added that Putin assesses Kim's overtures to South Korea as an effort to ease tensions on the peninsula.
  • New US ambassador to Netherlands grilled over 2015 comments

    New US ambassador to Netherlands grilled over 2015 comments

    He said Hoekstra also was expected to visit various Dutch communities over the weekend, including Muslim communities. Moments later, he denied that he had called them fake news.
    Nintendo Direct confirms Dark Souls, Donkey Kong, Hyrule Warriors for Switch

    Nintendo Direct confirms Dark Souls, Donkey Kong, Hyrule Warriors for Switch

    Instead, the Direct appeared on January 11 with very little notice and brought with it a host of Nintendo Switch announcements. As stated above, the game also includes an added local multiplayer mode to CRIME.NET called CRIME.NET Local Play.
    Space X to launch rocket carrying a vehicle  to orbit Mars

    Space X to launch rocket carrying a vehicle to orbit Mars

    The spokesman for the corporation said that the company isn't at liberty to comment on a classified mission. If additional reviews uncover any problems, she said, "we will report it immediately".
  • National Football League  will investigate Raiders on Rooney Rule

    National Football League will investigate Raiders on Rooney Rule

    Asked what the Steelers should do this offseason, Bell said, "Value me". "And this time he didn't waver, either", Davis said. The rule requires teams to interview at least one minority candidate for head coach and general manager openings.
    First Look at Tom Hardy as Eddie Brock in Venom

    First Look at Tom Hardy as Eddie Brock in Venom

    I can promise you badass action, Venom's dark humor, and I can also promise you an absolutely stunning performance by Tom Hardy . Instead, this first official image is a look at Tom Hardy in reporter mode as Eddie Brock, pre-transformation.
    'Camila' review: Camila Cabello's powerful solo debut

    'Camila' review: Camila Cabello's powerful solo debut

    She also stated that when she asked to help write lyrics for Fifth Harmony songs, she was rebuffed. Then the more I got into the year, it just was better.
  • Reuters reporters charged under espionage act in Myanmar

    Reuters reporters charged under espionage act in Myanmar

    Former US President Bill Clinton on Monday called for the immediate release of two Reuters journalists being held in Myanmar. The Danish Embassy in Yangon meanwhile has joined a growing chorus of calls for the two journalists' release.
    Democrats warn U.S.  remains vulnerable to Russian election interference

    Democrats warn U.S. remains vulnerable to Russian election interference

    The report , titled "Putin's Asymmetric Assault on Democracy in Russian Federation and Europe: Implications for U.S. The report accuses Putin of leading two decades worth of election meddling across the globe. .
    Former BCS poll has UCF ranked No. 1 over Alabama

    Former BCS poll has UCF ranked No. 1 over Alabama

    Rick Scott also proclaimed the team champs, saying that they would be recognized as such, at least within the state of Florida. Per ESPN's Darren Rovell , 37 UCF supporters raised $1,665 on GoFundMe for a billboard in Tuscaloosa, Alabama.