Meltdown & Spectre: Intel Security Flaw Puts Smartphones & Computers At Risk!
These are architecture-level flaws which are going to be tough to patch.
Recently some security researchers have revealed how a set of security flaws is letting hackers steal all the sensitive information from almost all modern computers and devices which use chips from Intel, AMD and ARM.
The flaw which allows malicious agents to steal sensitive information like passwords and other secret data from your computer and even smartphones, became public this week.
The bug affects laptops, desktop computers, smartphones, tablets and internet servers. Both Intel and ARM have insisted that it was not a breach. They have asked users to download a security patch and update their operating system to fix the flaw.
What Are These Security Flaws?
The Security Researchers from Google in conjunction with academic researchers from multiple countries have primarily discovered two flaws.
The first flaw is termed Meltdown, which initially affects Intel chips and makes way for hackers to bypass the hardware barrier in the system between the applications run by the users and the computer. This lets the hackers read the memory on the computer and steal passwords and other data.
The second flaw is called Spectre, which affects the processors from Intel, AMD and ARM. It lets the hackers potentially trick the error-free applications and gives up all the secret information from the computer.
Who Are Affected?
Almost all the computers and majority of smartphones are affected by these vulnerabilities.
Chips dating back to 2011 were tested and were found vulnerable to these flaws. The flaws affect all the processors which go as far back as to the devices released in 1995.
The Meltdown and Spectre flaws are mistakes at the architecture level. All devices, be it a computer or a smartphone, which run Windows, OS X or Android are equally vulnerable to these flaws.
With a wide variety of the devices, ranging from laptops, smartphones to internet servers, all are theoretically affected. At present, any untested device is considered to be affected.
Can The Security Flaws Be Fixed?
Not completely. But they have tough partial fixes.
Almost all the devices that are “affected” or are “vulnerable” to the flaws, so all are open to attack. Meltdown flaw can be fixed by a patch which builds a stronger wall of protection around the kernel.
The modern CPU architectures assume that there are certain things which work around the kernel. If that is changed, then it won’t be able to operate at full capacity. If the flaw affects a device like a smartphone, it will also cause battery problems.
The flaws can possibly be fixed with system patches but at the cost of performance. The isolation of the kernel memory on the computer will create significant slowdowns of the processes and will impact the performance.
The patches for the Meltdown and Spectre will soon roll out widely as confirmed by Intel, it’s still not clear whether the performance of the device will remain same or not. Even if the updates affect the performance, the complete security of the device will still be questionable.