This is HUGE .. ‘Spectre’ and ‘Meltdown’: New CPU HARDWARE vulnerabilities affect most devices inc your Puter/Laptop

robut

Well-known member
Joined
Apr 6, 2008
Messages
8,729
This is HUGE .. ‘Spectre’ and ‘Meltdown’: New CPU HARDWARE vulnerabilities affect most devices inc your Puter/Laptop

MODS: sorry if this posted about already - I did a search for spectre and meltdown, found no post yet with same.

‘Spectre’ and ‘Meltdown’: New CPU vulnerabilities affect most smartphones and computers

The tech industry has been all a buzz over the last 48 hours with talk about a fundamental flaw in Intel’s CPUs that makes it easy for malware to steal sensitive data (like passwords, cryptographic keys and banking information) directly from memory, memory that would normally be off limits. We now have the first concrete details about the issue, and as it turns out, there are actually two vulnerabilities, dubbed by security researchers ‘Meltdown’ and ‘Spectre’ and they affect other platforms besides Intel’s.
These two vulnerabilities are HARDWARE VULNERABILITIES independent of your OS & software. They effect all your devices whether Windows, OS X, Linux and Android.

From the other article below:

A complete fix for Meltdown and Spectre is going to require a CPU replacement. As CERT says, the solution is to “Replace CPU Hardware”.
The Impact of Meltdown & Spectre Vulnerabilities

I urge ye to read both or especially the Defiant article on this.

By the looks of this .. it could be MASSIVE. It potentially renders many legacy devices in place as major security risks and untrustable?

Apparently the OS patches coming shortly could also drop the machines performance by up to 30%

Again i stress .. these are HARDWARE VULNERABILITIES in your Processor Chip & it effects Apple, Windows, Linux & Android plus I imagine any other device using similar intel chips ..
 
Last edited:


GDPR

1
Joined
Jul 5, 2008
Messages
217,846
Surely there can be some firmware fix?

Do you know of anyone affected by hackers using Spectre and/or Meltdown?
 

Socratus O' Pericles

Well-known member
Joined
Oct 12, 2009
Messages
32,906
I’m going to buy all new in the morning.
 

robut

Well-known member
Joined
Apr 6, 2008
Messages
8,729
Surely there can be some firmware fix?
Seems it will be "Fixed" via major OP SYS updates coming to all devices next few days / weeks BUT could have a performance hit of up to 30% on these devices.

Time will tell if these fixes fix the issue appropriately or not

As CERT says - A complete fix for Meltdown and Spectre is going to require a CPU replacement. As CERT says, the solution is to “Replace CPU Hardware”.
 

shoneen

Well-known member
Joined
Apr 1, 2011
Messages
1,804
Seems it will be "Fixed" via major OP SYS updates coming to all devices next few days / weeks BUT could have a performance hit of up to 30% on these devices.

Time will tell if these fixes fix the issue appropriately or not

As CERT says - A complete fix for Meltdown and Spectre is going to require a CPU replacement. As CERT says, the solution is to “Replace CPU Hardware”.
Cue massive IT spend in US - time to invest in hardware stocks?
 

GDPR

1
Joined
Jul 5, 2008
Messages
217,846
Seems it will be "Fixed" via major OP SYS updates coming to all devices next few days / weeks BUT could have a performance hit of up to 30% on these devices.

Time will tell if these fixes fix the issue appropriately or not

As CERT says - A complete fix for Meltdown and Spectre is going to require a CPU replacement. As CERT says, the solution is to “Replace CPU Hardware”.
Do you know of anyone affected by hackers using Spectre and/or Meltdown?​
 

robut

Well-known member
Joined
Apr 6, 2008
Messages
8,729
Do you know of anyone affected by hackers using Spectre and/or Meltdown?​
Not yet. news only breaking in last 48 hours. Info only disclosed now by major chip manufacturers.

I would hazard a guess as it is a hardware attack quietly stealing from your system memory via your processor vulnerability .. people would never know. Because its hardware and not OS based vulnerability .. no Anti Virus software is of any use or aware I would say
 

jmcc

Well-known member
Joined
Jun 12, 2004
Messages
42,346
Time to dig out those old 386s and Z80s. :)
 

GDPR

1
Joined
Jul 5, 2008
Messages
217,846
Not yet. news only breaking in last 48 hours. Info only disclosed now by major chip manufacturers.

I would hazard a guess as it is a hardware attack quietly stealing from your system memory via your processor vulnerability .. people would never know. Because its hardware and not OS based vulnerability .. no Anti Virus software is of any use or aware I would say
How would the attackers get into a personal computer system? Surely the barriers from the router connections and the firewall would stop that?
 

gerhard dengler

Well-known member
Joined
Feb 3, 2011
Messages
46,739
Interesting links in that OP.

These warnings sound to me like a re-heat of Y2K scare, 20 years ago.
And we know how that scare turned out to be a damp squib. But who knows maybe this threat is far more tangible and serious than Y2K proved to be?
 

jmcc

Well-known member
Joined
Jun 12, 2004
Messages
42,346
How would the attackers get into a personal computer system? Surely the barriers from the router connections and the firewall would stop that?
Haven't blamed the Russians yet? :) The code may already exist on some computers.
 

Half Nelson

Well-known member
Joined
Dec 12, 2009
Messages
21,415
I would never store important passwords on a pc or smartphone. I don't trust them - it's that simple.
There's an evolutionary arms race between manufacturers and hackers and I don't intend to be a casualty.
 

robut

Well-known member
Joined
Apr 6, 2008
Messages
8,729
Interesting links in that OP.

These warnings sound to me like a re-heat of Y2K scare, 20 years ago.
And we know how that scare turned out to be a damp squib. But who knows maybe this threat is far more tangible and serious than Y2K proved to be?
Things circling around that this is the continuation of the recent NSA hacked / leaked malware stuff. Even some saying it could be related to DPRK.

And even others saying that these vulnerabilities were always in chips via US intelligence insistence going way back. Then due to NSA leaks access to these vulnerabilities got out into the wild ..
 

GDPR

1
Joined
Jul 5, 2008
Messages
217,846
I would never store important passwords on a pc or smartphone. I don't trust them - it's that simple.
There's an evolutionary arms race between manufacturers and hackers and I don't intend to be a casualty.
Where do you store them then?
 

robut

Well-known member
Joined
Apr 6, 2008
Messages
8,729
Interesting article. I have just skimmed through it. It seems to mention Linux a lot but not UNIX upon which the Mac OS is based. However, if it is a hardware problem and Apple Macs are using Intel and/or ARM then maybe they can be vulnerable too.
This is evolving. Look at my 2nd post on page1:

Meltdown and Spectre: ‘worst ever’ CPU bugs affect virtually all computers

Serious security flaws that could let attackers steal sensitive data, including passwords and banking information, have been found in processors designed by Intel, AMD and ARM.
So thats pretty much everything? APPLE doesnt escape this time :D

And as far as I know LINUX is UNIX, an offshoot of same ..
 


New Threads

Popular Threads

Most Replies

Top