Well, 2018 has started with a bang, as news has emerged that a fundamental flaw in processing chips has exposed an entire generation of devices to attack.
According to a report on The Verge, initial reports were pretty vague, thanks to the fact that developers are locked into pretty iron-clad Non Disclosure Agreements (NDAs), so it was difficult to uncover the extent of the problem. However, The New York Times and ZDNet have reported that researchers have identified two critical vulnerabilities in Intel chips, and their findings make for rather grim reading.
As one researcher has put it, these bugs are “going to haunt us for quite some time.”
Dubbed “Meltdown” and “Spectre”, these processor flaws will allow attackers to help themselves to data from the memory of running apps, giving them access to emails, password managers, photos, documents and other app data.
Apparently, developers have been scrambling to construct fixes for this problem; The Register reports that both the macOS Linux and Windows kernels have received significant redesigns in order to close the flaws. But apparently, we’re not all out of the woods yet.
The researchers have created a site containing their findings on Meltdown and Spectre, and while the information available includes the existence of the requisite patches for each flaw, it also contains some rather frightening data. First up, there’s no way of knowing whether or not one has been breached ahead of implementing the necessary patch for their system; the Meltdown and Spectre “exploitation does not leave any traces in traditional log files.”
At present, Intel chips are at heart of the research, so it’s unclear as yet if other processing chips have been affected.